Customizing Access Gateway Logout Page

You can create your own logout page and configure Access Gateway to use it. To do this, you need to modify the Access Gateway logoutSuccess_legacy.jsp file.

You can modify the file to display what you want or you can modify it to redirect the user to your custom page.

Modifying the Header

The logoutSuccess_legacy.jsp file is called in a frame from the nidp_legacy.jsp file. The branding in the header of the logout page is controlled by the branding of the nidp.jsp file. For information about how to modify logos, titles, and colors, see Rebranding the Header.

Redirecting to Your Custom Page

One way to provide redirection is to replace the information in the <body> element of the logoutSuccess_legacy.jsp file with something similar to the following:

<body> 
      <script language="JavaScript"> 
        top.location.href='http://<hostname/path>'; 
      </script>     
</body>

Replace the <hostname/path> string with the location of your customized logout page.

For information about how to modify a file, see Modifying Configurations.

IMPORTANT:Take a backup of logoutSuccess_legacy.jsp file before modifications. Every time you upgrade Access Gateway, the upgrade process overrides any custom changes made to JSP files that use the same filename as those included with the product. If you want the modified file, restore the nidp_legacy.jsp file. During an upgrade, you can select to restore custom login pages, but NetIQ still recommends that you have your own backup of any customized files.

Calling Different Logout Pages

If you need to use a different logout page for specific protected resources, modify the logout button of the applications to use the AGLogout URL rather than the plogout URL (see Customizing Applications to Use Access Gateway Logout Page). The AGLogout page redirects to the plogout page, which calls logoutSuccess_legacy.jsp. Any parameter added to the AGLogout or plogout URL is saved and passed to logoutSuccess_legacy.jsp.

The parameter passed to logoutSuccess_legacy.jsp can be used with the if/else logic in the body of the page to load different custom logout pages based on the parameter value.

To use the plogout URL, modify the application’s logout button to call the following URL:

<ESP Domain>/nesp/app/plogout

Replace <ESP Domain> with the same value as the AGLogout value. For example, suppose your AGLogout value is the following:

https://jwilson1.provo.novell.com:443/AGLogout

You would replace it with the following value:

https://jwilson1.provo.novell.com:443/nesp/app/plogout

If you add a parameter to the URL, it would look similar to the following:

https://jwilson1.provo.novell.com:443/nesp/app/plogout?app=email

Logging Out of Sessions of Access Gateway and SAML Connectors when Branding Exists in the Customized Logout Page

When you have both Liberty and SAML 2.0 sessions running on Identity Server and you log out of Access Gateway, the logoutSuccess_legacy.jsp page is not executed with the customizations you have made to the logout page. You will be able to log out of Access Gateway but the customizations you made are lost.

If the logutSuccess_legacy.jsp file is not loaded in a frame, the banner will not be displayed, and Access Gateway will comment out the content in the logoutSuccess_legacy.jsp file. Modify logoutSuccess_legacy.jsp and add the following line after the <body> tag:

<!-- BANNER LOADS IF THIS PAGE IS NOT LOADED IN REGULAR FRAME -->
<%@include file="logoutHeader.jsp"%>

For information about how to modify a file, see Modifying Configurations.