You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/spring-apps/how-to-configure-enterprise-spring-cloud-gateway.md
+5-2Lines changed: 5 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -126,14 +126,17 @@ You can also view or edit those properties in the Azure portal, as shown in the
126
126
VMware Spring Cloud Gateway service instances provide a default API endpoint to logout of the current SSO session. The path to this endpoint is `/scg-logout`. There are two different outcomes that can be accomplished depending on how the logout endpoint is called: logout of session and redirect to IdP logout or only logout the service instance session.
127
127
128
128
### Logout of IdP and SSO Session
129
-
Sending a GET request to the `/scg-logout` endpoint then it will send a 302 redirect response to the IdP logout URL. In order for user to be returned back to a path on the Gateway service instance, you can add a redirect parameter to the GET `/scg-logout` request. For example, if you have a website with the logout function and you want the users will be redirected back to `${serverUrl}/home` after logging out of IdP in their browser, you need to link the logout buttion to the url `${serverUrl}/scg-logout?redirect=/home` in your frontend app code.
129
+
Sending a GET request to the `/scg-logout` endpoint then it will send a 302 redirect response to the IdP logout URL. In order for user to be returned back to a path on the Gateway service instance, you can add a redirect parameter to the GET `/scg-logout` request. For example, `${serverUrl}/scg-logout?redirect=/home`.
130
+
To implemente the function in your microservices, let's take a look at a concerete example.
131
+
1.[A route config](https://github.com/Azure-Samples/animal-rescue/blob/0e343a27f44cc4a4bfbf699280476b0517854d7b/frontend/azure/api-route-config.json#L32) to route the logout request to your application is needed.
132
+
2. In that application, you can do whatever logic you want to logout. At the end, you need to [send a get request](https://github.com/Azure-Samples/animal-rescue/blob/0e343a27f44cc4a4bfbf699280476b0517854d7b/frontend/src/App.js#L84) to the Gateway's `/scg-logout` endpoint.
130
133
131
134
> [!NOTE]
132
135
> The value of the redirect parameter is a valid path on the Gateway service instance. You cannot redirect to an external URL.
133
136
134
137
### Only Logout SSO Session
135
138
If the GET request to the `/scg-logout` is sent using a XMLHttpRequest (XHR), then the 302 redirect could be swallowed and not handled in the response handler. In this case, the user would only be logged out of the SSO session on the Gateway service instance and would still have a valid IdP session. The behavior typically seen in this case is that if the user attempts to login again they are automatically sent back to gateway as authenticated from IdP.
136
-
A piece of code example is as below.
139
+
A concerete example is as below. You still need to have a route config to route the logout request to your application but in the application, the below code will make gateway only logout sso session.
0 commit comments