Examice

Exam C2150-609 All QuestionsBrowse all questions from this exam

Question 21

A deployment professional has configured Federated Single Sign-On using IBM Security Access Manager V9.0 with WebSEAL as point of contact.

Which two things need to be configured to achieve Single Log Out (SLO) in the SAML 2.0 Federation? (Choose two.)

The page displayed after pkmslogout is called (logout.html)

The creation of user session ID's ([session]) user-session-ids= yes)

The passing of session cookies to junctioned servers (-k option in the junction creation)

The URIs that receive a single signoff request ([acnt-mgt]) single-signoff-uri =/applications/signoff)

The appropriate extended attribute to the Federation junction (HTTP-Tag-Value user_session_id=user_session_id)

Correct Answer: D, E

To achieve Single Log Out (SLO) in the SAML 2.0 Federation with IBM Security Access Manager V9.0 and WebSEAL, it is crucial to configure the mechanisms that handle single signoff requests and ensure proper session tracking for federated sessions. Firstly, configuring the URIs that receive a single signoff request is essential as it defines where the signoff actions are directed. Secondly, adding the appropriate extended attribute to the Federation junction, such as the HTTP-Tag-Value for user_session_id, ensures proper management and tracking of user sessions, which is necessary for achieving SLO.

Discussion

alexgammaroOptions: BE

I guess the right answer is the letter BE.