2

I'm beginner with OpenAM, I'm working on an existing project.

I use this documentation to improve our authentication service: http://docs.forgerock.org/en/openam/10.0.0/dev-guide/index/chap-authentication.html

The login works fine, I receive my token Id and add it in the cookies. I stay connected when I browse restricted web pages.

Now I want to do a clean logout. When you read the documentation about logout, they propose this code:

    protected void logout(AuthContext lc)
    throws AuthLoginException {
    lc.logout();
    System.out.println("Logged Out!!");
}

But in my program, I do not have the login AuthContext anymore.

Is there a way to get or create an AuthContext associated with my user ? This call is it necessary ? (actually, We modify the cookies to be rejected by OpenAM)

Thank you.

Answer: 

SSOToken ssoToken = SSOTokenManager.getInstance().createSSOToken(tokenId);
AuthContext authContext = new AuthContext(ssoToken);
authContext.logout();
Guymage
  • 1,524
  • 1
  • 14
  • 21

1 Answers1

0

Firstly I think you should be able to create a new AuthContext by having access to the session token, by using this constructor.

Secondly it is not necessary to use the ClientSDK to perform authentication remotely, you could also just use the REST APIs, which probably would be a bit more lightweight.

Peter Major
  • 2,975
  • 4
  • 16
  • 17
  • Thank you for your answer, now I can logout: See the original post for the answer. Concerning the ClientSDK, I join an existing project and the SDK is everywhere, I need more experience to think about replacing it. – Guymage Mar 24 '15 at 22:09
  • 1
    Note that you could have also just use destroyToken on SSOTokenManager, see http://download.forgerock.org/downloads/openam/javadocs/internal/com/iplanet/sso/SSOTokenManager.html#destroyToken(com.iplanet.sso.SSOToken) – Peter Major Mar 24 '15 at 22:12