Changing the logoff page

Edit online

IBM Verify Identity Governance comes with different files that can be specified as the logoff page for its Console and self-service GUI.

Before you begin

Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.

About this task

The files are in the following directories:
  • $WAS_HOME/AppServer/profiles/$PROFILE_NAME/installedApps/$NODE_NAME/ITIM.ear/itim_console.war/j../../common
  • $WAS_HOME/AppServer/profiles/$PROFILE_NAME/installedApps/$NODE_NAME/ITIM.ear/itim_self_service.war/j../../common directory
Where $WAS_HOME is the directory where the WebSphere® Liberty is installed.

To configure a different logoff page than the default page, modify the ui.properties or SelfServiceUI.properties files.

See the following table about Logout pages.

Table 1. Logoff pages
File name Description
websealLogout.jsp This sample file is the most secure. Use it when you want the following combined behavior when the user clicks the Logoff button:
  • o End the logon session.
  • o End the logon session; the pkmslogout function is started.
    Note: The pkmslogout function works only for clients with an authentication mechanism that does not supply authentication data with each request. For example, pkmslogout does not work for clients that use Basic Authentication, certificates, or IP address information. In these cases, you must close the browser to log out. The pkmslogout function provides this information to the user in a message on the logout page.
You can edit this file to customize the sample logoff function. Set the values:
For Console UI:
enrole.ui.logoffURL=/itim/console/j../../common/websealLogout.jsp
For SelfService UI:
enrole.ui.logoffURL=/j../../common/websealLogout.jsp
ssoLogout.jsp Use this sample file for the following combined behavior when the user clicks the Logoff button:
  • End the current logon session and provide a link to return to IBM Verify Identity Governance.
  • Remain logged in to IBM® Security Verify Access; the iv-user HTTP header information is still available. For example, this action provides for continued use of a portal page or a return to IBM Verify Identity Governance without a logon prompt.
You can edit this file to customize the sample logoff function.
For Console UI:
enrole.ui.logoffURL=/itim/console/j../../common/sso_logout.jsp
For SelfService UI:
enrole.ui.logoffURL=/jsp/logon/SSOLogoff.jsp

Procedure

  1. Open the IBM Verify Identity Governance $IM_HOME/data/ui.properties file in a text editor.
    To configure the Logoff page for SelfService UI, open the SelfServiceUI.properties file.
  2. For the enrole.ui.logoffURL property, specify one of the logoff pages that are described in Table 1.
    Note: The ssoLogout.jsp and websealLogout.jsp files are sample files. They show the sample code required for the IBM Verify Identity Governance logout button when WebSEAL single sign-on is enabled. You can edit these files, including language, for any functions appropriate to your environment.