IBM Security Access Manager V9.0 Deployment — Question 13

A deployment professional has configured Federated Single Sign-On using IBM Security Access Manager V9.0 with WebSEAL as point of contact.
Which two things need to be configured to achieve Single Log Out (SLO) in the SAML 2.0 Federation? (Choose two.)

Answer options

• A. The page displayed after pkmslogout is called (logout.html)
• B. The creation of user session ID's ([session]) user-session-ids= yes)
• C. The passing of session cookies to junctioned servers (-k option in the junction creation)
• D. The URIs that receive a single signoff request ([acnt-mgt]) single-signoff-uri =/applications/signoff)
• E. The appropriate extended attribute to the Federation junction (HTTP-Tag-Value user_session_id=user_session_id)

Correct answer: B, D

Explanation

The correct options, B and D, are essential for implementing Single Log Out. B ensures that user session IDs are created, which is crucial for tracking sessions across multiple services, while D specifies the URIs that will process the signoff requests. The other options, while related to session management, do not directly contribute to the SLO process.