So I'm using the password expiration option on the IDP, I'm then
forwarding to a custom portal which contains UA in a frame. In the
custom portal we have a link to redirect users back to the application
that they were trying to access.

This was implemented with iChain and used a logout with a redirect.
This worked perfectly.

Password Expiry:

Logout Link: https://www.requestedapp.com/cmd/ICSLogout

Using NAM 4.0, If I used the same logout redirect on the gateway, they
don't get prompted for authentication again:

Password Expiry: https://customportal.com

Logout Link: http://tinyurl.com/o8tm883

It proceeds to the logout page and redirects to the application
without prompting for authentication. It's kind of odd as i've
explicitly sent it through the logout, that it sees the session as still

I've tried using the forceAuth=True, with ?forceAuth=True or
&forceAuth=True and no luck.

Anyone else run into this? We can't use the UserApp logout as they are
logging out from a custom link outside of the UserApp.

Thanks. Eric.

EricVeysey's Profile: https://forums.netiq.com/member.php?userid=493
View this thread: https://forums.netiq.com/showthread.php?t=52495