ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Delete all cookies for one particular cookie domain (other than the SMSession cookie) when the SiteMinder session has logged out.


Article ID: 52999


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



Need a way to delete cookies from all applications if a SiteMinder user logs out of their SiteMinder session. For example, if a user has a SiteMinder session in the cookie domain and the user logs off, we would like all other application cookies (i.e., Jboss, WebSphere) in to be deleted.


SiteMinder has no way of invalidating all cookies from a certain cookie domain when the user logs off. The work around for this is to use something like a jsp or asp page to invalidate the cookies. You must know the names of all the cookies you want to invalidate.


Component: SMAPC