Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 22629 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I need a logout button for the captive portal or a URL I can bookmark.

MurrayCarte

Users need to log out when they leave the pc. The logou button on the captive portal "you have logged in" page is not available because the user closes it.


I tried http://172.16.16.16:8090/logout.xml but it loads a blank page and the user remains logged in.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Bianson

    Hi All, 

     

    Good day All,

    We are having same problem on the Sophos XG 105 devices when logged with Username and Password.. 

    Created an quota for the user..

    We are login to the system over web page default  https://172.16.16.16:8090 as below.

    After login we can use internet access succesfully.

    The problem is if we close Logged Web page the system still can reach to the Internet and client cannot log out from portal.. 

    While logging this page is using https://172.16.16.16:8090 by users.

    Do you have any link or web address to log out manually for the Users?

    Thanks.

    Bekir Kopmaz

  • 0 in reply to Bekir Kopmaz
    It is not a great solution, however if you go to https://XG-IP:8090/ you should get another login page.  If you log in and out again it will be logged out.
     

    Under Authentication \ Services at the bottom there are several options.  The relevant ones are:
    Preserve captive portal after login 
     - this controls whether the login page stays and the real destination is opened in a new tab, or that the login page is replaced with the real destination
    Use keep alive to maintain user session 
     - if this is set to yes then when the login page is closed the user is immediately logged out
     - if this is set to no then the inactivity settings are used
     - I think (not sure) if Preserve Captive Portal is off, then the user inactivity timeout is user, regardless of the keep-alive setting
    User inactivity timeout 
    Data transfer threshold
     - This is basically read as "The user is still considered logged in if 2048 bytes is sent within 5 minutes" or "if the XG does not see at least 2048 bytes in a 5 minute period, log out the current user".  This inactivity detection can be quite dependent on your environment and usage, so you'll have to play with the settings to find something right for you.
     

    Another option is to use XML.  This can be done directly in WebAdmin or you can build your own service to do this.
    Look at help for Backup & Firmware \ API.  Google for Sophos LiveUserLogin.
  • 0 in reply to Bianson

    We needed this to be able to log out users on shared devices. 

    If you like a bit of PHP and Curl you could do it like this :

    $xml='<Request><Login><Username>ADMINUSERNAME</Username><Password>PASSWORD</Password></Login>
    <LiveUserLogout>
    <IPAddress>'.$_SERVER['REMOTE_ADDR'].'</IPAddress>
    </LiveUserLogout>
    </Request>';
    $xml=urlencode($xml);
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_URL, 'YOUR_XG_URL:4444/webconsole/APIController?reqxml='.$xml);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_exec($ch);
    curl_close($ch);
    echo 'Your Session Has Ended';
    exit();