Question

9
Replies
2919
Views
sheka1 Member since 2014 1 post
PEGA
Posted: April 15, 2018
Last activity: January 28, 2019
Closed
Solved

SSO logoff - Doesn't kill the session

Our application has been configured with an IDP (S3 from CA) where SSO logout is not supported. So, if I have logged in as SSO user and try to logout, instead of logging out it logs me back in to the application. I believe this is because the IDP is not providing the logout and hence the session is not killed. Since the session is not killed and it is active the user is redirected to application.

I went through lot of posts in the PDN and none of them help me resolve this issue. Any suggestion regarding this issue would be helpful.

We are using Pega 7.3.1 and framework being used is "CustomerServiceForFS"

Low-Code App Development Data Integration
Close popover
Moderation Team has archived post
Posted: 2 years ago

Hi,


As your IDP is not allowing logout, you were unable to logoff. Can you try clearing the cookies specific to user session by using javascript to achieve this.


 

Posted: 2 years ago

Hi,


I was thinking of doing the same but, OOTB Code-Security.LogOff provides the implementation which just ends the PRPC session. But the user can seamlessly login to the application next time as the application doesn't display the challenge screen. 


Regards,


Ashwin

Posted: 2 years ago

Hi Sheka1, I remember logoff activity is overridden in your customer service framework ruleset. can you try save as the LogOff activity provided by pegaRules application?

Posted: 2 years ago

Hi Sheka1,


 are you able to fix this issue. We are facing the same issue.

Posted: 2 years ago
Hello!


 


Thank you for posting your query on PSC. This looks like an inactive post and hence, we suggest you create a new post for your query. Click on the Write a Post button that’s at the top of this screen and also on our Pega Support Community homepage.  Once created, please reply back here with the URL of the new post.


 


We have also sent you a private message opening up a communication channel in case you have any further questions.


 


Thanks,

Posted: 1 year ago

I am facing similar issue. Is anyone able to find the solution for this issue? it will be of great help if you share the solution for this issue?


 

Accepted Solution
Posted: 1 year ago

We got a local fix from the support team. 


Use the following local change.

1) Copy Code-Security.Logoff to application ruleset.
2) Comment out Step 6 - Show-HTML for pySAMLLogoffWithoutSLO

This will result in Code-Security.EndSession being called and the requestor being shut down properly.  

Posted: 1 year ago

Hi sheka1,


That's great news! Do you mind sharing your Support Request ID that gave you the local fix so that we can track?


Thanks!

Posted: 1 year ago

Hi Sheka1 ,


Thankyou for providing the solution on request . But for some reasons this solution is not working . May be my problem here is bit different. I have tried

 adding below code in overridden Web-Session-Return HTML rule for my issue and it works very well in IE . But dosent work in Chrome. Let us know if you have come accross anything similar .

     

<script language="javascript" type="text/javascript">

//  alert( "you are logged out");

  document.execCommand("ClearAuthenticationCache","false");

</script>


 


Thanks

Mahendra
Share this page LinkedIn
Copied!