on 09-21-2005 9:32 PM
Hi Portal People,
When a portal user clicks log off, all I need to do is free portal and any SAP backend resources. I do NOT need to log the user off from my centralized authentication system that I pass thru to get to the Portal, nor anything else.
With these requirements, is there any need for me to provide a "Log Off" link in the portal? My understanding is that the SAP Portal automatically frees up all resources if the user leaves the portal or closes the browser window. It's been my experience that only half of all users will click on log off even if the link exists.
Is there any value to me to provide a Log Off link in my situation?
Thanks in advance.
Kevin
Hi,
Log off link is not essential however take care to keep the session expiry time less so that you don't have too many dead sessions hanging around.
Log off link is not found in the sdn website too you can find that if you close the browser and open the website again you have to login again. The previous session have been killed automatically.
Janvi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What causes portal dead sessions? From what I've read, sessions are instantly cleaned up by the SAP Portal if the user either closes his browser or visits a different URL Link. The only scenario not covered is if the user leaves the portal open and walks to lunch. And in this case, providing a logoff link provides no better answer.
Thoughts?
Kevin,
if you visit another URL with your currently opened browser window, the session is not cleaned up by EP. You can easily verify this, going to e.g. google.com and then to your EP's URL again. No login procedure is asked again. This is because HTTP is a <b>stateless protocol</b>. When you come back to EP, the browser has already got the SAP Logon Ticket (which basically is a non-persistent cookie stored in the browser's cache), so it sends it to EP which in turn can recognize the user.
Neither if you close the browser window the session is released by the server. Infact EP can't know how long the interval between two user's requests will be. So it needs to keep the user's session alive for some time. Only when the session times out it's released from memory. Of course this time, if you go to the EP's URL in a new browser window, the login screen will appear. But this is because this browser instance can't (obviously... ;^) access any previously issued Logon Ticket.
Davide
Hi Kevin,
Portal is flexible and has different options for different customers.
As a portal administrator/developer you can.
1) Change the loff off URL.
2) Create different URL for different users.
3) ofcourse even remove the lofoff link.
4) Can even do more customizations..
It all depends upon the requirment.
-D
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Having no log off link could be advantageous when accessing the portal via SSO as it would save you creating a blank page and directing the portal to that rather than the logon screen.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Yep. I also think that what you say is true.
Janvi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.