Forum Discussion

jaikumar1's avatar
jaikumar1
Mentor
7 years ago

Sign-off redirection

Hi,

 

We are facing the issue of once the member signed-off and redirected. As we enabled SSO, and we are planning to redirect to the community homepage once the member clicked sing-off link. So we have configured in the settings /auth/securityCheck?action=logoutBounce&sendTo=<Community-Homepage-URL>

 

The above configuration is working fine, and it redirect to community homepage. But the issue is member not getting signed-off from the site, and still it's showing the member is signed-in. 

 

So please provide your suggestion to resolve the issue.

  • RobertT's avatar
    RobertT
    Boss
    7 years ago

    Hi jaikumar1,

     

    Are you expiring the lithiumSSO cookie at the same time as expiring your SSO session?

     

    It sounds as if the lithiumSSO cookie isn't being handled by that bounce page/process in the journey so the user may appear signed out for SSO elsewhere but the cookie for the community is still present in their browser with an active user session so the community will keep them signed in there.

    • jaikumar1's avatar
      jaikumar1
      Mentor
      7 years ago

      Thank you for your reply RobertT,

       

      As i thought that Lithium will take care of cookie, and make it the session expire. 

       

      So could you please suggest on how can we make it expire the cookie once we signed-out?

  • ChristineC's avatar
    ChristineC
    Khoros Alumni (Retired)
    7 years ago

    When clicking 'Sign Out' link in the community, it will sign off the user and bring them to the front page of community (assuming it is accessible and not a private community).  You should be able to see this behavior when removing the configured 'URL to sign off page' in the admin.

     

    Are you sure the user's session is being terminated with the IDP (Identity Provider)?  I've seen a case before where the IDP was issuing another SSO cookie and so user was getting logged in again.