Last updated on MARCH 08, 2017
Applies to:COREid Access - Version: 7.0
Information in this document applies to any platform.
Checked for relevance on 12-Apr-2010
Oracle Access Manager logout is failing using custom logout page. When a user logs in and authenticates, navigates the site and clicks logout, the user is then able to navigate back to one of the protected web pages without having to re-authenticate.
Login is form-based so credentials are not saved in the browser.
Points already checked:
The correct logout URL is configured in Access System Configuration
The correct logout URL is configured in webgatestatic.lst (no longer required in release 10.1.4)
The custom logout page is accessed via public, non-protected path
The custom logout page has:
No references to protected resources i.e. images are not accessed via protected paths
Reference: Oracle� Access Manager Access Administration Guide 10g (10.1.4.0.1)
Appendix C Configuring Logout
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms