Logout Path
The logoutPath parameter controls the action taken when the Logout button is pressed in the application.
Procedure
-
Open the
config.xml file.
For information about how this file should be opened (i.e., via the Configuration Administrator or via the file system), see Introduction.
-
Locate the
logoutPath record in the
config.xml file. For example:
<record jsxid="logoutPath" path="logout"> </record>
-
Set the
path attribute to one of the following:
- "logout" - This causes the out-of-the-box logout URL to be used, which is:
http://hostname:8080/bpm/logout
The redirectURL1 is then appended to the logout URL. For example, if you are running the Workspace application, the URL, http://hostname:8080/workspace/workspace.html, is appended to the logout URL. This would yield the following upon logout:
http://hostname:8080/bpm/logout?redirectURL=http://hostname:8080/workspace/workspace.html
Specifying "logout" in the path attribute causes the application to do a GET on the URL, which invalidates the current session. It loads a new session, then redirects to the redirectURL.
Note: For security reasons, the domain of the redirectURL must match the domain of the ActiveMatrix BPM runtime server, otherwise the domain must be whitelisted using the whiteListAddresses property in the OSProperties.properties file. - "someURL" - This works similar to "logout" except that the out-of-the-box logout URL (http://hostname:8080/bpm/logout) is not used. Instead, the custom URL specified in the
path attribute is used for the logout (the custom URL can perform any custom processing that is needed (including clearing the session, if desired)). The
redirectURL1 is then appended to the custom URL. For example, if the value in the
path attribute is "http://myserver:90/myCustomLogout", and you are running the Workspace application, the following URL is used upon logout:
http://myserver:90/myCustomLogout?redirectURL=http://hostname:8080/workspace/workspace.html
Upon logout, the application does a GET on this URL.
The URL used to launch the application is passed in the "redirectURL" parameter. The custom URL can choose to use the redirectURL value, or not.
Also note that the custom URL must be a full URL starting with either http or https; it cannot be a relative URL.
Note: For security reasons, the domain of the redirectURL must match the domain of the ActiveMatrix BPM runtime server, otherwise the domain must be whitelisted using the whiteListAddresses property in the OSProperties.properties file. - "" - An empty string causes the session to be invalidated and the application is reloaded. It does not do a GET on the URL.
- "/bpm/logout" - The
path attribute must be set to this value if you are using OpenID Connect for single sign-on authentication.
When using OpenID, the value of this property must match the value of the OpenID configuration property, Logout Path, which is "/bpm/logout".
For more information, see the Logout Path property in Using ActiveMatrix Administrator to create an OpenID Connect Shared Resource.
- "https://host:port/bpm/logout" - The
path attribute must be set to this value if you are using SAML Web Profile for single sign-on authentication.
host is the DNS name or IP address of the server that hosts the ActiveMatrix BPM runtime and port is the port used by the application.
For more information about using SAML Web Profile for SSO authentication, see Using SAML Web Profile with ActiveMatrix BPM.
- "logout" - This causes the out-of-the-box logout URL to be used, which is:
- Save and close the config.xml file.