Logout is randomly not working using AgentAPI

Document ID : KB000030480
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem:

When using a custom agent sometimes the logout is not working when using a load balancer between agent and policy server

Solution:

Because the Logout is using both ClientIP and Session Id you need to make sure that the ClientIP that is used for logout is the same as the one that was used to initiate the Login. If it is not the same the logout will fail. It can happen in an environment with a loadbalancing between Custom Agent and Policy Server that the client IP change.

reference : SDK guide.

https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/programming-reference/legacy-sm-java-sdk/netegrity/siteminder/javaagent/AgentAPI.html#logout(java.lang.String, netegrity.siteminder.javaagent.SessionDef)

logout

public int logout(java.lang.String clientIPAddr,
                  SessionDef sd)

Logs a user out of a user session and issues an event. No database is updated.

To terminate the session, you must discard the session specification after logging out the user. To do so, set the SessionDef object to null -- for example:
 result = aa.logout(clientIPAddr, sd);
 if (result == YES)
      sd = null;
Use this method for logout of all users and administrators except for SiteMinder administrators. For logout of SiteMinder administrators, use logout() in class SmApiSession of the Utilities package.

Parameters:
clientIPAddr - (Optional) The client IP address.
sd - The current session.
transactionId - (Optional) The client-side transaction Id.
Returns:
One of these values:
  • YES. The user logged out successfully.
  • NO. The user was not logged out.
  • NOCONNECTION. The object was not connected.
  • TIMEOUT. The method timed out.
  • FAILURE. The operation failed.
  • INVALID_SESSIONDEF. The Session Definition is invalid.