Enable customized responses for old session cookies

You can configure WebSEAL to enable customized responses for old session cookies.

Steps

1. Configure WebSEAL to remove session cookies from the browsers of users who logs out in a standard manner.

   The logout-remove-cookie stanza entry in the [session] WebSEAL configuration file stanza controls the removal of session cookies from the browsers of users who does a standard log out.

   The user enters the /pkmslogout command in the command line to log out in a standard manner.

   A value of yes sets WebSEAL to attempt to remove the cookies from the browsers of users who logs out in a standard manner. For example:[session] logout-remove-cookie = yes.

2. Customize the appropriate WebSEAL login form, such as login.html to do the following actions:

   • To read the value of the OLDSESSION macro.

   • To generate a custom response to the user when the macro value is set to 1.

   We can use any of the following tools to check the OLDSESSION macro in the login form:

   • Javascript
   • HTML Meta tags
   • Local response redirection

     See Local response redirection for details.

Compatibility with WebSEAL versions before version 6.0:

The logout-remove-cookie = no default setting sets WebSEAL not to remove cookies from the browsers of users who logs out in a standard manner. For example:

[session]
logout-remove-cookie = no

The default no value exists for compatibility with WebSEAL versions before version 6.0.

Parent topic: Customized responses for old session cookies