Previous Topic: Agent Setting for Federation DomainsNext Topic: Set a Time-out for Saved Credentials

Web Agent GuidesWeb Agent Configuration GuideSSO Security ZonesHow to Modify the Sample Code to Remove Open Format Cookies When Users Log Out

How to Modify the Sample Code to Remove Open Format Cookies When Users Log Out

CA SiteMinder® does not recognize, process, or delete open format cookies. Create your own client-side script that removes the open format cookies when your users logout.

This flowchart describes the steps for modifying the sample code to remove open format cookies when users log out

Follow these steps:

  1. Obtain the cookie information.
  2. Modify the sample JavaScript code with the cookie information.
  3. Copy the modified JavaScript code to your logout page.

Obtain the Cookie Information

A client-side logout script requires the following information about your open format cookies:

Obtain this information from your agent owner or web server administrator.

Modify the Sample JavaScript Code with the Cookie Information

Modify the sample JavaScript code after obtaining the information about your open format cookies.

Follow these steps:

  1. Copy the sample JavaScript code into a text editor: 
    <html>
    <head>
        <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
        <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
        <META HTTP-EQUIV="Expires" CONTENT="-1">        
        
        <!-- JavaScript to remove cookie from browser -->
        <script>
            // This function takes the cookie name, path and domain
            // and constructs a expired cookie so that the browser removes the cookie from its store
            function eraseCookie(name, path, domain) 
            {
                if (name)
                {
                  var delCookie = name + '=; expires=Thu, 01-Jan-70 00:00:01 GMT';
                  if (path && path.length > 0) delCookie += ';path=' + path;
                  if (domain && domain.length > 0) delCookie += ';domain=' + domain;    
                  document.cookie = delCookie;
                }
            }
            
            function showCookie(name)
            {
                var ckVal = null;
                var tC = document.cookie.split('; ');
                for (var i = tC.length - 1; i >= 0; i--) 
                {
                    var x = tC[i].split('=');
                    
                    if (name == x[0] && x[1])
                    {
                        ckVal = unescape(x[1]);  
                        break;                        
                    }
                }

                if (ckVal)
                    alert( name + ' = ' + ckVal);  
                else
                    alert('Cookie ' + name + ' does not exist');
            }
        </script>
    </head>

    <body>
        <p><a href="javascript:showCookie('SMOFC')" class="page">Click to show Open Format Cookie</a><br />
        <p><a href="javascript:eraseCookie('SMOFC', '/', 'example.com')" class="page">Click to remove Open Format Cookie</a><br />
    </body>    
</html>
  2. Replace the all occurrences of the default values as shown in the following table:

Replace all occurrences of these default values:

With these values of your open format cookie:

Use this example as a guide:

Name

Open format cookie name

SMOFC

Path

Open format cookie path

\

Domain

Open format cookie domain

example.com
  1. Make any other changes to the sample JavaScript that your environment requires.
  2. Save the modified JavaScript and close the text editor.

Copy the Modified JavaScript Code to Your Logout Page

Update your logout pages with the modified JavaScript code. This code removes the open format cookies when the users log out.

Follow these steps:

  1. Open the logout page of your web server using a text editor.
  2. Copy the modified JavaScript code to the logout page.
  3. Save the changes to the page and close the text editor.
  4. Repeat Steps 1 through 3 for each web server.

Performance