Problem

You have an installation of PortalGuard and are looking to log out of PortalGuard.

Solution

Authenticated users can logout of PortalGuard at any time using the "Log Out" link in the upper right corner of its own pages:

Open

Terminating the PortalGuard session from other websites is another matter. The PortalGuard Identity Provider added support for SAML Single Log Out (SLO) in version 5.4.0.1, but this is only applicable for websites that utilize SAML (not WS-Federation or CAS). However, PortalGuard does have a logout page that when called will end the PortalGuard session: https://YOUR.PG.SERVER/_layouts/PG/signout.aspx

• NOTE: Replace “YOUR.PG.SERVER” with your own PortalGuard server name. Also, if you are not using HTTPS/SSL, be sure to use http://

You can optionally control where the user is redirected after the PortalGuard logout by using the “ReturnUrl” query string parameter. The value of this parameter must be URL-encoded. For Example to send users to “https://www.google.com”, you would use:

• https://YOUR.PG.SERVER/_layouts/PG/signout.aspx?ReturnURL=https%3A%2F%2Fwww.google.com

The only other caveat is that PortalGuard has a white list of “external” servers it can redirect users to after a logout (this is for security purposes). You can add extra server names in C:\InetPub\PortalGuard\web.config as shown in the screenshot below (see the green highlight):

Open

Only the protocol (e.g. “https://”) and server name should be specified here. Run “iisreset” from an administrative command prompt for any changes to take effect.

• NOTE: Be sure to make a backup copy of the web.config before modification! You must use the exact syntax above for the <add /> tag - an improperly formatted web.config file will “break” the PortalGuard IIS website and render it inoperable. Restoring the backed up web.config will restore website functionality immediately (no server reboot necessary).