cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why provide Log Off Link?

Go to solution
Former Member

on ‎09-21-2005 9:32 PM

0 Kudos

Hi Portal People,

When a portal user clicks log off, all I need to do is free portal and any SAP backend resources. I do NOT need to log the user off from my centralized authentication system that I pass thru to get to the Portal, nor anything else.

With these requirements, is there any need for me to provide a "Log Off" link in the portal? My understanding is that the SAP Portal automatically frees up all resources if the user leaves the portal or closes the browser window. It's been my experience that only half of all users will click on log off even if the link exists.

Is there any value to me to provide a Log Off link in my situation?

Thanks in advance.

Kevin

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎09-21-2005 11:01 PM
0 Kudos

Hi,

Log off link is not essential however take care to keep the session expiry time less so that you don't have too many dead sessions hanging around.

Log off link is not found in the sdn website too you can find that if you close the browser and open the website again you have to login again. The previous session have been killed automatically.

Janvi

Show replies
Show replies
Former Member
‎09-21-2005 11:11 PM
0 Kudos

What causes portal dead sessions? From what I've read, sessions are instantly cleaned up by the SAP Portal if the user either closes his browser or visits a different URL Link. The only scenario not covered is if the user leaves the portal open and walks to lunch. And in this case, providing a logoff link provides no better answer.

Thoughts?

former_member185837
Active Participant
‎09-22-2005 4:53 PM
0 Kudos

Kevin,

if you visit another URL with your currently opened browser window, the session is not cleaned up by EP. You can easily verify this, going to e.g. google.com and then to your EP's URL again. No login procedure is asked again. This is because HTTP is a <b>stateless protocol</b>. When you come back to EP, the browser has already got the SAP Logon Ticket (which basically is a non-persistent cookie stored in the browser's cache), so it sends it to EP which in turn can recognize the user.

Neither if you close the browser window the session is released by the server. Infact EP can't know how long the interval between two user's requests will be. So it needs to keep the user's session alive for some time. Only when the session times out it's released from memory. Of course this time, if you go to the EP's URL in a new browser window, the login screen will appear. But this is because this browser instance can't (obviously... ;^) access any previously issued Logon Ticket.

Davide

Answers (3)

Answers (3)

Former Member
‎09-27-2005 10:29 PM
0 Kudos

Hi Kevin,

Portal is flexible and has different options for different customers.

As a portal administrator/developer you can.

1) Change the loff off URL.

2) Create different URL for different users.

3) ofcourse even remove the lofoff link.

4) Can even do more customizations..

It all depends upon the requirment.

-D

Show replies
Show replies
Former Member
‎09-22-2005 4:59 PM
0 Kudos

Having no log off link could be advantageous when accessing the portal via SSO as it would save you creating a blank page and directing the portal to that rather than the logon screen.

Show replies
Show replies
Former Member
‎09-22-2005 12:24 AM
0 Kudos

Hi,

Yep. I also think that what you say is true.

Janvi

Show replies
Show replies
Former Member
‎09-22-2005 2:50 PM
0 Kudos

Is there a way to determine if all SAP resources (e.g. Portal, ITS backend sessions) have been freed upon closing the browser? I think SAP Session Management (SISP Session Internet Session Protocol) guarantees this, but I'd like to verify.

Thanks,

Kevin

Ask a Question