Previous Topic: Customize a SAML Assertion Response (optional)Next Topic: Configure Attributes for WS-Federation Assertions (optional)


Configure Signout for WS-Federation

Signout is the process of a user being logged out of all sessions for the browser that initiated the logout. Signout does not necessarily end all sessions for a user. For example, if the user has two browsers open, that user can establish two independent sessions. Only the session for the browser that initiates the signout is terminated at all federated sites for that session. The session in the other browser is still active.

A user can initiate a signout request from an Account Partner or a Resource Partner. The request is triggered by clicking a link pointing to the appropriate servlet.

Note: CA SiteMinder® only supports the WS-Federation Passive Request profile for signout.

Enable Signout

By configuring the settings in the Signout section, you are informing the Account Partner how the Resource Partner supports signout.

If you enable signout, you must also:

To configure signout

  1. Navigate to the SAML Profiles page for the Resource Partner you want to configure.
  2. In the Signout section, select Enable Signout.
  3. Enter values for the following URL fields:

    These fields must each have an entry that starts with https:// or http://.

    Note: Click Help for a description of fields, controls, and their respective requirements.

  4. Click OK.