Question
SSO logoff - Doesn't kill the session
Our application has been configured with an IDP (S3 from CA) where SSO logout is not supported. So, if I have logged in as SSO user and try to logout, instead of logging out it logs me back in to the application. I believe this is because the IDP is not providing the logout and hence the session is not killed. Since the session is not killed and it is active the user is redirected to application.
I went through lot of posts in the PDN and none of them help me resolve this issue. Any suggestion regarding this issue would be helpful.
We are using Pega 7.3.1 and framework being used is "CustomerServiceForFS"
Hi,
I was thinking of doing the same but, OOTB Code-Security.LogOff provides the implementation which just ends the PRPC session. But the user can seamlessly login to the application next time as the application doesn't display the challenge screen.
Regards,
Ashwin
Hi Sheka1, I remember logoff activity is overridden in your customer service framework ruleset. can you try save as the LogOff activity provided by pegaRules application?
Hi Sheka1,
are you able to fix this issue. We are facing the same issue.
I am facing similar issue. Is anyone able to find the solution for this issue? it will be of great help if you share the solution for this issue?
Accepted Solution
We got a local fix from the support team.
Use the following local change.
1) Copy Code-Security.Logoff to application ruleset.
2) Comment out Step 6 - Show-HTML for pySAMLLogoffWithoutSLO
This will result in Code-Security.EndSession being called and the requestor being shut down properly.
Hi @sheka1,
That's great news! Do you mind sharing your Support Request ID that gave you the local fix so that we can track?
Thanks!
Hi Sheka1 ,
Thankyou for providing the solution on request . But for some reasons this solution is not working . May be my problem here is bit different. I have tried
adding below code in overridden Web-Session-Return HTML rule for my issue and it works very well in IE . But dosent work in Chrome. Let us know if you have come accross anything similar .
<script language="javascript" type="text/javascript">
// alert( "you are logged out");
document.execCommand("ClearAuthenticationCache","false");
</script>
Thanks
Mahendra
Hi,
As your IDP is not allowing logout, you were unable to logoff. Can you try clearing the cookies specific to user session by using javascript to achieve this.