Logout using pkmslogout-nomas

To help customers who wish to construct and implement a single signoff process in which all hosts are signed off at the MAS, WebSEAL can be configured to use the pkmslogout-nomas management page. When ECSSO is configured, the pkmslogout-nomas management page can be used as an alternative to the pkmslogout command to log out from the session on the current host. For example:

https://www.example.com/pkmslogout-nomas

The /pkmslogout management page causes clients that log out of a local system to be redirected to perform another logout on the MAS. The /pkmslogout-nomas management page operates exactly like the /pkmslogout management page with the exception that it does not redirect the Web browser to the MAS host /pkmslogout management page to log out the user's session. This makes it possible to chain logouts from the MAS. For example, a custom logout page can be placed on the MAS system that contains hidden links to the /pkmslogout pages on all the non-MAS systems, thus logging the user out of every system in the community.

Parent topic: Configuration of e-community single sign-on