Steps to Force Oracle Portal login page after Logout July 5, 2009
Tested on Oracle application server 10.1.2.2 , portal 10.1.4
Basically, you need to do the following three steps:
1) You need to first customize the logout page
2) You need to update a database object that hold the URL of the logout page
3) You need to instruct the customized logout page to redirect to the home page (the home page will then realize that it is logout and therefore will show the login screen)
Now the Details
1) Customize the logout page
Oracle provides a test customized logout page that we shall use in this example
You can extract the logout page from a jar file called
ORACLE_HOME/sso/lib/ipassample.jar
The following command can be used to generated the required JSP file
$$ORACLE_HOME/infra/jdk/bin/jar –xvf ipassample.jar signoff-ex.jsp
Or if the PATH is correctly configure you can skip the $ORACLE_HOME/infra…. part
Now move the signoff-ex.jsp file to an appropriate location,
$ mv $ORACLE_HOME/sso/lib/signoff-ex.jsp $ORACLE_HOME/j2ee/OC4
J_SECURITY/applications/sso/web/jsp/logoff.jsp
Note that in the previous command, we also rename the signoff-ex.jsp to logoff.jsp for simplicity
2) Update the database
Oracle portal finds the logout URL by examining a table called WWSSO_LS_CONFIGURATION_INFO$ which exists in a schema called ORASSO
Login in to Oracle to ORASSO/password
(the password in encrypted and can be extracted from OID), however, if you do not know the password, you can login as SYS
Sqlplus / as sysdba
SQL> ALTER SESSION SET CURRENT_SCHEMA=ORASSO;
The above command allows changes the current schema to ORASSO. So make sure that the previous statement finished successfully
Now you need to issue the following update statement after changing the highlighted server name with the appropriate one (replace asdb.realsoft.com:7777, with your server:port for the INFRASTRUCTURE installation)
SQL> UPDATE WWSSO_LS_CONFIGURATION_INFO$
SET LOGIN_URL='UNUSED UNUSED http://asdb.realsoft.com:7777/sso/jsp/logout.jsp';
1 row updated.
SQL> commit;
At this point, and before you continue, try to logout from ORACLE PORTAL and check if the new logout screen is launched. Note, that at this point, if everything is fine, you will see a logout screen which is different than the default one. But you will not be directed to the login screen (Not Yet)
3) Redirect to Login page
In order to redirect immediately to login page after logoff, you need to add the following to the <HEAD> section of the logout page (logout.jsp)
<HEAD>
<meta HTTP-EQUIV="refresh" CONTENT="1;URL=http://asdb.realsoft.com:7778/portal/pls/portal/PORTAL.wwsec_app_priv.login?p_requested_url=
http://asdb.realsoft.com:7778/portal/pls/portal/PORTAL.home&p_cancel_url=http://asdb.realsoft.com:7778/portal/pls/portal/PORTAL.home">
</HEAD>
Login in to Portal , then logout from portal, you will note that the customized logout page appears of a second , then it is redirected to the main portal page by the effect of the URL written in the HEAD section described previously (http://asdb.realsoft.com:7778/portal/pls/portal/PORTAL.home).
Since, Portal is already logout and you are trying to display the HOME page, PORTAL internal security feature will force you to login
Please find below a copy of the logout.jsp file
[oracle@asdb jsp]$ more
logout.jsp
<!-- Copyright (c) 1999, 2003, Oracle. All rights reserved. -->
<!-- signoff-ex.jsp : Example SSO sign-off page -->
<%@page autoFlush="true" session="false"%>
<%
// Declare English Message Strings
String msg1 = "Single Sign-Off";
String msg2 = "Application Name";
String msg3 = "Logout Status";
String msg4 = "ERROR: The return URL value not found.";
String msg5 = "ERROR: Logout URL for partner applications not found.";
// To enable multiple language support this page must determine the
// user language preference and display the page accordingly.
// Please refer to the following URL for details on how to enable
// support for multiple languages:
// http://java.sun.com/j2se/1.4.1/docs/guide/intl/index.html
// Get the user language preference
String userLocaleParam = null;
java.util.Locale myLocale = null;
[oracle@asdb jsp]$ more
logout.jsp
<!-- Copyright (c) 1999, 2003, Oracle. All rights reserved. -->
<!-- signoff-ex.jsp : Example SSO sign-off page -->
<%@page autoFlush="true" session="false"%>
<%
// Declare English Message Strings
String msg1 = "Single Sign-Off";
String msg2 = "Application Name";
String msg3 = "Logout Status";
String msg4 = "ERROR: The return URL value not found.";
String msg5 = "ERROR: Logout URL for partner applications not found.";
// To enable multiple language support this page must determine the
// user language preference and display the page accordingly.
// Please refer to the following URL for details on how to enable
// support for multiple languages:
// http://java.sun.com/j2se/1.4.1/docs/guide/intl/index.html
// Get the user language preference
String userLocaleParam = null;
java.util.Locale myLocale = null;
// Get the user locale
preference sent by the SSO server
try
{
userLocaleParam = request.getParameterValues("locale")[0];
}
catch(Exception e)
{
userLocaleParam = null;
}
// If SSO server did not sent the user locale preference then get the locale
// information based on the HTTP Accept Language header sent by the web brow
ser
if( (userLocaleParam == null) || userLocaleParam.equals("") )
{
myLocale = request.getLocale();
}
else
{
if(userLocaleParam.indexOf("-") > 0 )
{
// SSO server sent the language and territory value (e.g. en-us)
myLocale = new java.util.Locale(
userLocaleParam.substring(0, 2) , userLocaleParam.substring(3, 5));
}
else
{
// SSO server sent only the language value (e.g. en)
myLocale = new java.util.Locale(userLocaleParam, "");
}
}
/*
// To display this page using appropriate language, following section
// should be implemented to use messages from the resource bundle.
// Create application specific resource bundle.
// See the java.util.ResourceBundle class documentation from the
// following URL:
// http://java.sun.com/j2se/1.4.1/docs/api/java/util/ResourceBundle.html
// Note: Replace MyMsgBundleClassName with the actual java message bundle
// class name.
java.util.ResourceBundle myMsgBundle
= java.util.ResourceBundle.getBundle("MyMsgBundleClassName", myLocale);
// Get the message string in the appropriate language using the message key.
// Use this string to display the message in this page.
String mesg = myMsgBundle.getString("mesg_key");
*/
%>
<html>
<HEAD>
<meta HTTP-EQUIV="refresh" CONTENT="1;URL=http://asdb.realsoft.com:7778/portal/p
ls/portal/PORTAL.wwsec_app_priv.login?p_requested_url=
http://asdb.realsoft.com:7778/portal/pls/portal/PORTAL.home&p_cancel_url=http://
asdb.realsoft.com:7778/portal/pls/portal/PORTAL.home">
</HEAD>
<body bgcolor="#FFFFFF">
<h1><%=msg1%></h1>
<%
String done_url = null;
int i = 0;
// Get the return URL value
try
{ done_url = request.getParameterValues("p_done_url")[0];
}
catch(Exception e)
{
done_url = "";
}
// Get the application name and logout URL for each partner application
try
{
%>
<b> <%=msg2%> <%=msg3%> </b>
<br>
<%
for(;;)
{
i++;
String app_name = request.getParameterValues("p_app_name"+i)[0];
String url_name = request.getParameterValues("p_app_logout_url"+i)[0];
%>
<%=app_name%>
<img src="<%=url_name%>"> <br>
<%
}
}
catch(Exception e)
{
if(done_url == null)
{
%>
<%=msg4%> <br>
<%
}
if(i>1)
{
%>
<br> <a href="<%=done_url%>">Return</a>
<%
}
else
{
%>
<%=msg5%><br><%
}
}
%>
</body>
</html>