Defining Options for Liberty Identity Provider

  1. Click Devices > Identity Servers > Servers > Edit > Liberty or SAML 2.0 > Identity Provider > Options.

  2. Select Enable Front Channel Logout. When selected, a service provider initiates a logout at the identity provider by using the HTTP Redirect method.

  3. Configure front channel logout for Access Gateway initiated logout:

    1. Click Devices > Access Gateways > Edit > Reverse Proxy /Authentication > ESP Global Options.

    2. Remove the pound (#) symbol before forceESPSLOHTTP and set its value as true.

    3. Restart Tomcat by running the /etc/init.d/novell-idp restart command.

      For the Docker deployment, perform the following steps:

      1. Run the kubectl get pods command to view the Access Manager pods.

      2. Go to the Identity Server pod by running the kubectl exec --namespace <name-of-the-namespace> -it pod/<name-of-the-identity-server-pod> -- sh command.

      3. Run the /etc/init.d/novell-idp restart or systemctl restart novell-idp.service command.