Question

5
Replies
1319
Views
 Chunzhi Hong (Chunzhi_Hong)
PEGA
Consulting Manager, Pega Consulting
Pegasystems Inc.
JP
Chunzhi_Hong Member since 2013 141 posts
PEGA
Posted: July 7, 2016
Last activity: July 9, 2016
Posted: 7 Jul 2016 4:47 EDT
Last activity: 9 Jul 2016 6:33 EDT
Closed

7.2 Log off redirection setting doesn't work

I am using personal edition 7.2 and found that "log off redirection" setting doesn't work.

I was redirected to the login screen, although I've selected option "Show log off screen".

 

***Updated by Moderator: Marissa. Added Category***

Security System Administration
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 4 years ago
Posted: 7 Jul 2016 5:42 EDT
Harish Gunneri (Harish_GCS)
PEGA
Senior Software Solutions Engineer
Pegasystems Inc.
US

Hi Chunzhi,


That is due to below line of code in your Web-Session-Return HTML file.  This piece of code always redirects to login URL. (you can give a try by doing a preview of this HTML Stream)


    <META http-equiv="refresh" content="0;URL=<pega:reference name="$save(servURL)" />">


Please replace the above line with the below piece of code which has a when condition.


<pega:when java="<%= tools.getParamValue("redTo").equals("RedirectToLoginScreen")%>">


    <META http-equiv="refresh" content="0;URL=<pega:reference name="$save(servURL)" />">


</pega:when>


And make sure you save the Web-Session-Return html in your rulesets and add this ruleset to UnAuthenticated access group on browser requestor type to see the changes.


This will work based on the setting you chose on your application rule form.


BR//


Harish
Posted: 4 years ago
Posted: 7 Jul 2016 6:56 EDT
Bindu Saraf (BinduSaraf)
PEGA
Senior Cloud Development Engineer
Pegasystems Inc.
IN

Hi Hong,


The Activity Code-Security.Logoff sends the value of this setting to Code-Security.EndSession. The activity Code-Security.EndSession then displays different HTML based on this parameter value:
RedirectToLoginScreen = Web-Login
< AnythingElse> = Web-Session-Return


When using "Show Log off Screen" this ends up calling "Web-Session-Return".


The HTML for Web-Session-Return has a meta refresh in it that takes the user back to the login screen:


<META http-equiv="refresh" content="0;URL=<pega:reference name="$save(servURL)" />">


The Section rule "Web-Session-Return" is not marked as final so customizations can be done to it..Save as web-session-return to your ruleset,remove above line of code and add your own log-off image.

 
Posted: 4 years ago
Posted: 8 Jul 2016 1:50 EDT
Chunzhi Hong (Chunzhi_Hong)
PEGA
Consulting Manager, Pega Consulting
Pegasystems Inc.
JP

Altough there is work around solution, the default behavior for "Show log off screen" option, which redirects to login screen, doesn't make any sense. If there is no difference between "Show log off screen" and "Redirect to log in screen" why do we need this configuration option at all?


I remember that V6.3 has OOTB log off screen and it simply works as expected if you select "Show log off screen" option. 


 
Posted: 4 years ago
Posted: 8 Jul 2016 11:09 EDT
Harish Gunneri (Harish_GCS)
PEGA
Senior Software Solutions Engineer
Pegasystems Inc.
US

Hi Chunzhi,


 I agree with you. I've raised the same concern few months ago and logged a bug regarding the Log Off redirection setting. As the web-session-return is an available rule,  this was the solution I've got from our teams.


<pega:when java="<%= tools.getParamValue("redTo").equals("RedirectToLoginScreen")%>">


    <META http-equiv="refresh" content="0;URL=<pega:reference name="$save(servURL)" />">


</pega:when>


 
Posted: 4 years ago
Posted: 9 Jul 2016 6:33 EDT
Phani Sahukaru (sahup1)
PEGA
Architect - Financial Services
Pegasystems Inc.
IN

would updating step#1 Show-HTML from Web-Session-Return to Web-Session-Return-Template in RULE-OBJ-ACTIVITY CODE-SECURITY ENDSESSION makes a difference? please share your thoughts/observations, Thank you!