User Menus - wrighting/alfresco-cas GitHub Wiki

The method to readd the logout button, and have it do the logout has changed quite a lot over successive versions.

These approaches applies to 5.0.d.

Change the header menu

To add the logout item to the menu is more straight forward.

See share-amp/.../site-webscripts/org/wrighting/alfresco/usermenu/share-header.get.js This is referenced from site-data/extensions/custom-logout.js

This script also removes the Change Password link - you might like to have it point to the Change Password page for your infrastructure. (The Change Password tab on the user profile is still enabled but shouldn't be)

Make the logout work

After logging out of Share you need to logout of CAS as well otherwise when you return to the page CAS will automatically log you in again.

There are three possible approaches:

Override the LogoutService

By replacing the alfresco/services/LogoutService with our own implementation it is possible to change the destination of the logout request and thus logout successfully

Modify Aikau (javascript)

You need to create a patched version of Aikau in order to replace the LogoutService.

The LogoutService subscribes to the logout event - this is set up in several places so it's not very practical to create a new service subscribing to the event.

The new LogoutService then needs to pass the logout destination and parameters to the Surf logout servlet (now called via POST - previously via GET)

An interesting point to note is that CoreXhr.serviceXhr will by default set the headers to be

{ "Content-Type": "application/json" }

This is different from dojo/request/xhr and without changing it the request parameters will not be processed. The correct value is:

headers: { 'Content-Type': 'application/x-www-form-urlencoded' },

Ideally it would be possible to set the LogoutService parameters via configuration however, as it's necessary to rebuild the jar anyway, this is being done using filtering in the maven run.

Modify Share (java)

The (401) POST response contains a Location header that tells the CoreXhr class to redirect to that URL, so an alternative to modifying the Aikau and the POST request would be to modify the SlingshotLogoutController