(Quick history as to why I want to change “LOGOUT_URL”) We successfully implemented SSO on Internal workspace and now users are able to login to Internal workspace using their Okta credentials, no issues till now. The problem arises when users try to logout from this workspace. When users click on “Sign out” button as shown below, it logs them out of all the other applications that they have logged in into using their Okta credentials.
To overcome this issue with “Sign Out” I was trying to change value of “LOGOUT_URL” in Internal workspace, after investigation there is no place (from the front end APEX application) where we can alter the “Substitution String” for “LOGOUT_URL” in the Internal workspace, it comes in as default redirect to “&LOGOUT_URL.” (Found this setting by downloading Oracle APEX 19.2 and going through the sql file f4550.sql).
Finally, I found a place where this setting was stored in APEX table. I tried to update the logout URL using this Update statement.
UPDATE apex_190200.wwv_flow_step_buttons SET button_redirect_url = 'apex.navigation.redirect(''URL'');' where button_name='SIGNOUT' AND ID = 787948171855029003;
This did NOT work, and the Sign out URL still points to apex.navigation.redirect('apex_authentication.logout?p_app_id=XXXX\u0026p_session_id=XXXXXXXXX');
I even tried to update the button template using the query below.
Update apex_190200.wwv_flow_button_templates set template = ‘<button onclick="apex.navigation.redirect(''https:XXXXXXXXXX'');" class="a-Button #BUTTON_CSS_CLASSES#" type="button" #BUTTON_ATTRIBUTES# id="#BUTTON_ID#">#LABEL!HTML#</button>' where id=781653829819356486;
My changes are NOT taking effect, should I restart APEX or should I restart entire Database ? I am open for any better suggestion on how to implement this change ? Thanks for helping.
We implemented a work around in Oracle HTTP server (OHS) which manages requests between browser requests and APEX engine.
When User clicks on the "Logout" button in APEX console on his browser, OHS would first receive this logout request which gets re-directed to the intended URL that we want (it could be www.google.com as well)
In OHS conf settings (ohs mod rewrite) we created a rule that checks if the call looks like this "
(?i)/apex/apex_authentication.logout" and if it does, OHS just redirects it to our desired end point.