PingFederate logout redirect -

The key to the dynamic referrer query parameter solution is extending the logout success velocity template, mainly idp.logout.success.page.template.html. By adding the following JavaScript to the velocity template, the referrer capability will be added. The tag will also be modified to process the referrer upon page loading, mainly modify the tag to be . When the page loading occurs the JavaScript will be processed to look for the referrer value.

  <script>
    function processLogout() {
        var redir = getUrlParameter("redirect");
        if(redir != '') {
            window.location = redir;
        } else {
            document.getElementById("docbody").style.display = "block";
        }
    }
    function getUrlParameter(name) {
        name = name.replace(/[[]/, '\[').replace(/[]]/, '\]');
        var regex = new RegExp('[\?&]' + name + '=([^&#]*)');
        var results = regex.exec(location.search);
        return results === null ? '' : decodeURIComponent(results[1].replace(/+/g, ' '));
    };
  </script>

Once the JavaScript has been added to the velocity template, thetag will need to be modified to process the referrer upon page loading as shown in the code snippet below. A new tag is also needed for the case when no referrer is provided which is an “id” that the JavaScript will then load as the page content.

  <body onload="processLogout()">
    <div class="container" id="docbody" style="display: none;">
    </div>
  </body>

With this implementation, the logout capability of the HTML Form IdP Adapter will behave in the following way.

1. If the logoff page is hit with no query parameters (e.g. /https://sso.company.com/ext/logoff) then:
  - PingFederate SSO cookies will be cleared
  - User will land on the “you have been signed out” page
2. If the logoff page is hit with query parameters (e.g. https://sso.company.com/ext/logoff?referrer=https://www.google.com) then:
  - PingFederate SSO cookies will be cleared
  - User will be redirected to “referrer” URL parameter (NB: needs to be fully qualified with protocol such as HTTP/S). In the example above the redirect will be to: https://www.google.com.

This adds the flexibility to auto-redirect to other locations upon logoff across applications within a federation. If you have any comments or questions, please contact us!

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
LS_CSRF_TOKEN	session	Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_47704508_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
_zcsr_tmp	session	No description available.
663a60c55d	session	No description available.
ac09458e72	session	No description
AnalyticsSyncHistory	1 month	No description
CookieLawInfoConsent	1 year	No description
fd6b13af5c	session	No description available.
li_gc	2 years	No description
proofidltd-_zldp	2 years	No description
proofidltd-_zldt	1 day	No description
visitorId	1 year	No description
zc_consent	1 year	No description available.
zc_cu	1 year	No description available.
zc_cu_exp	1 year	No description available.
zc_loc	session	No description available.
zc_show	1 year	No description available.
ZCAMPAIGN_CSRF_TOKEN	session	No description available.

PingFederate logout redirect

PingFederate logout redirect

About the Author: ProofID

Share

TOPICS

Be the first to hear about news, product updates, and innovation from proofid

PingFederate logout redirect

PingFederate logout redirect

About the Author: ProofID

Share

TOPICS

Kerberos authentication troubleshooting with PingFederate

Configuring Qualys with PingFederate

Advanced user registration with PingFederate

PingFederate & PingAccess Configuration Made Easy with ProofID ConfigMigrator

Be the first to hear about news, product updates, and innovation from proofid