Spotfire Ideas Portal
When implementing WP custom authentication as detailed on http://stn.spotfire.com/stn/Tasks/ImplementingCustomAuthentication.aspx the customer often wants to implement their own logout page to clear externally set cookies. In the SDK example SpotfireWebDeveloper.CustomWebAuthenticationSiteExample a custom cookie named 'ticket' is set in the browser and needs to be cleared along with the ASP.NET session cookie.
The shipped /SpotfireWeb/Logout.aspx page will clear the ASP.NET session cookie, but does not allow control over the "Login again" link displayed (set to /SpotfireWeb/Library.aspx) and does not allow the customer to clear the 'ticket' cookie. Customers looking for alternatives has implemented a custom logout page by editing Header.htm and providing a separate logout link. This custom logout page can clear the 'ticket' cookie and the ASP.NET session cookie (using a hidden iframe to /SpotfireWeb/Logout.aspx), but this is seen as a crude workaround.
Having a logout link override option would help tremendously to properly configure the Spotfire web interface with external SSO. The expectation would be that after the log out link is clicked from the upper-right-hand drop-down menu on any Spotfire web page (Web player or admin console) and any Spotfire session cleanup is performed, the browser would then be redirected to a custom configured logout URL.
While the original idea discusses the older Web Player architecture, this is still an issue in the new 7.5+ architecture. Having a custom logout page would be very helpful for customers that want to logout of Spotfire and an external SSO application that logged a user into Spotfire.