How to logoff siteminder

[Parthibakumari]

In our struts application we are using the siteminder for the authentication of the users. Whenever the user is authenticated by the siteminder the user is being taken to the application welcome page.Then user performs his own activities and after that whenever he is logging out, i am taking him to the logout page and before that i am clearing all the sessions using the session.invalidate and also setting the session = null. I porvide a link the logout page where the user can click to relogin to the application. So whenever the user clicks on it he should be prompted with the siteminder login screen, instead it is directly taking me to the application. So i dont know wht to do. But i close the window and open the new window i am getting that loing prompt.But when the users types the same URL in the same page he is taken into the application without login screen

Please help me with this issue

[felixtfelix]

Hi,

Not clear from your points. After calling the logout action you can directly forward the page to the login screen using a forward with that action. I hope you will maintain the user id in the session value ,if the session value is null then you can redirect the user to the login page. Simple way to do this kind of thing is to use the Filter. The Filter is a one which will get called before or after( depending upon your need ) every request. so in that class you can check whether the session is null or not. If it is null then you can redirect to the login_page.

Regards
Felix T

[felixtfelix]

For the Filter refer

Java(TM) Boutique - Writing Servlet Filters

for an example

[koteshmail]

The beauty of siteminder is you can specify logoffuri in ACO settings which clears the the sessions of authenticated user.

No need of worrying about your application code. You can write your application which logout the application session not siteminder session.