Logout Redirect when SSO implemented

Khanna Ji
Tera Guru

Guys,

I have integrated servicenow instance with SSO. Everything is working smooth except the logout button. When I click logout, servicenow brings me back to home screen instead of ending the session and taking me to servicenow logout screen.

Am I missing something? Please help me here.

3 REPLIES 3

Deepak Ingale1
Mega Sage

This is expected behavior, if you want to customize, you will have to modify the installation exist script for logout so redirect user to appropriate page once user clicks on logout button.

 

https://community.servicenow.com/community?id=community_question&sys_id=28cfcb65dbdcdbc01dcaf3231f96...

https://community.servicenow.com/community?id=community_question&sys_id=b9c80b61db5cdbc01dcaf3231f96...

 

Note:Please mark reply as correct / helpful if it answers your original question

gs.include("PrototypeServer");
gs.include("SSO_Helper");
gs.include("SAML2_update1");

var MultiSSOLogout = Class.create();
MultiSSOLogout.prototype = {
    
    initialize: function() {
        this.ssoHelper = new SSO_Helper(null, true);
        var loginMethod = request.getSession().getAttribute("glide.authenticate.multisso.login.method");
        this.loggedInNormal = (loginMethod == null || "db" == loginMethod);
        this.propertiesGR = this.ssoHelper.getProperties();
        
        if (! this.loggedInNormal) {
            this.ssoHelper.debug("Logging out external auth : " + this.propertiesGR.sys_class_name);
        
            if (this.propertiesGR.sys_class_name == 'saml2_update1_properties')
                this.SAML2 = new SAML2_update1(this.ssoHelper);
        }
    },
    
    process : function() {
        if ( "true" != gs.getProperty("glide.authenticate.multisso.enabled") 
            || this.loggedInNormal
            || this.propertiesGR.sys_class_name == 'digest_properties' ) {
            this.ssoHelper.debug("Logging out normal");
            return this.processNormalLogout();
        }
        
        if (this.propertiesGR.sys_class_name == 'saml2_update1_properties') {
            
            var binding = this.propertiesGR.idp_logout_binding;
            if (binding && binding.equals("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")) {
                this.ssoHelper.debug("Logging out saml using HTTP POST");
                var output = this.SAML2.generateLogoutRequestForm(request);
                response.setContentType("text/html");
                response.getWriter().write(output);
            } else {
                this.ssoHelper.debug("Logging out saml using HTTP Redirect");
                var req = this.SAML2.generateLogoutRequestURL(request);
                if (GlideStringUtil.nil(req)) {
                    gs.logWarning("MultiSSOLogout: Logout request URL was null. Redirecting to a static page.");
                    response.sendRedirect("logout_success.do");
                } else
                    response.sendRedirect("auth_redirect.do?sysparm_url=" + escape(req));
            }
        }

        return true;
    },
    
    getLogoutRequest : function () {
        var sessionIndex = request.getSession().getAttribute("glide.multiSSO.session_index");
        var nameId = request.getSession().getAttribute("glide.multiSSO.session_id");
        var elem = this.SAML2.createLogoutRequest();
        
        this.SAML2.createIssuer(elem);
        this.SAML2.createNameID(elem, nameId);
        this.SAML2.createSessionIndex(elem, sessionIndex);
        
        return this.SAML2.getEncodedSAMLRequest(elem);
    },
    
    processNormalLogout : function() {
        var s = request.getParameter('sysparm_goto_url');
        if (s && GlideSecurityUtils.isURLWhiteListed(s)) {
            this.ssoHelper.debug("processNormalLogout redirecting to : " + s);
            response.sendRedirect(s);
        } else
            response.sendRedirect("logout_success.do");
        
        return true;
    }
    
};

 

This is the code in the MultiSSOLogout. What I need to update to send the user to logout page of servicenow?

Hi,

Did you ever figure out how to modify this MultiSSOLogout installation exit script to redirect the user to the appropriate page after clicking 'Logout' from service portal?

 

Thanks,

Chris

If this answer is helpful please mark correct and helpful!

Regards,
Chris Perry