Web Logout & Ending Session

hcl-bot · November 12, 2007, 7:54am

I have a webapp which uses session based authentication with a username and password.

When a user is finished, they use a logout hotspot which uses a “?logout&redirectto” url. However what I’m finding is that it’s not ending the session of the user, so if they go back to the webapp, before closing their browser, they are automatically logged back in.

How can I force the session to end when the user logs out?

Thanks

hcl-bot · November 12, 2007, 10:17am

Subject: Web Logout & Ending Session

For session based authentication domino creates a cookie on the client machine and if you want to re-login then you need to clear the cookie before the session expiry timeout.

The way session authentication works is if you’ve a session timeout in the server doc specified say for eg 5 hours and the user closes the browser without using a proper logout script and re-opens a new browser window within the 5 hours then he doesn’t need to relogin. If after the 5 hours when the session expires then user will have to relogin.

Normally I use the following logout script:

logout(‘DomAuthSessId’,‘’);

function logout(name,value) {

document.cookie=name+“=”+value+“; expires=Saturday, 30-Sep-1969 08:00:00 GMT ; path=/”;

location.href = “/”;

}

Try this should work.

HTH

Sai

hcl-bot · November 22, 2007, 5:14pm

Subject: RE: Web Logout & Ending Session

If I hit back arrow i still can see last page I hit log out from.

hcl-bot · November 12, 2007, 10:33am

Subject: RE: Web Logout & Ending Session

Thanks Sai,

where would you put this script on the form? Would this replace the current logout hotspot?

hcl-bot · November 12, 2007, 10:49am

Subject: RE: Web Logout & Ending Session

The function would go into the jsheader and you need some event to call the function say for eg:

if a button then onClick="logout(‘DomAuthSessId’,‘’);

if a href then Logout

etc…

I don’t know what your logout hotspot does.

HTH

Sai

hcl-bot · November 12, 2007, 10:50am

Subject: RE: Web Logout & Ending Session

THanks Sai, I’ve got it working.

One last question, how would I then redirect the user to another webpage, say www.lotus.com ?

My old hotspot used the ?Logout&RedirectTo command so I’d like to do that if possible

Thanks

hcl-bot · November 12, 2007, 11:00am

Subject: RE: Web Logout & Ending Session

Look at the last line of the function. You can specify the redirection.

location.href = “http://www.lotus.com” or whatever

Sai

hcl-bot · November 13, 2007, 4:58am

Subject: RE: Web Logout & Ending Session

Thanks Sai, works a treat

hcl-bot · May 26, 2008, 8:20am

Subject: RE: Web Logout & Ending Session

function logout() {document.cookie=“DomAuthSessId=‘’; expires=Saturday, 30-Sep-1969 08:00:00 GMT ; path=/”;

window.parent.location.reload();

}