This article has been archived and is no longer maintained by ForgeRock.
The logout fails but no results message is shown.
If you use a verbose curl request such as:$ curl -v -X POST -H "iplanetDirectoryPro: AQIC5w...*AAJTSQACMDE.*" "http://openam.example.com:18080/openam/json/sessions/?_action=logout"
The response does not show an error, for example:* About to connect() to openam.example.com port 18080 (#0) * Trying 127.0.0.2... connected * Connected to openam.example.com (127.0.0.2) port 18080 (#0) > POST /openam/json/sessions?_action=logout HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/184.108.40.206 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: openam.example.com:18080 > Accept: */* > iPLanetDirectoryPro: AQIC5w...*AAJTSQACMDE.* > < HTTP/1.1 200 OK < Server: Apache-Coyote/1.1 < Content-Length: 0 < Date: Wed, 21 May 2014 08:05:24 GMT < * Connection #0 to host openam.example.com left intact * Closing connection #0
Neither the amSSO.access log or the Session debug log show anything related to logging out, even though they should record activity related to session logouts.
Upgraded to OpenAM 11.0.1.
The logout request is not actually logging out the user as can be seen if you check the active sessions in OpenAM.
This issue can be resolved by upgrading to OpenAM 11.0.2 or later; you can download this from BackStage.
You can workaround this issue by using the legacy REST API to logout, for example:$ curl -X POST -d "subjectid=AQIC5w...*AAJTSQACMDE.*" http://openam.example.com:18080/openam/identity/logout