Skip to main content
Contact a Moderator

Question

9
Replies
3303
Views
 Ashwinraj Shekar (sheka1)
PEGA
Lead System Architect
Pegasystems Inc.
IN
sheka1 Member since 2014 1 post
PEGA
Posted: April 15, 2018
Last activity: January 28, 2019
Posted: 15 Apr 2018 3:04 EDT
Last activity: 28 Jan 2019 19:48 EST
Closed
Solved

SSO logoff - Doesn't kill the session

Our application has been configured with an IDP (S3 from CA) where SSO logout is not supported. So, if I have logged in as SSO user and try to logout, instead of logging out it logs me back in to the application. I believe this is because the IDP is not providing the logout and hence the session is not killed. Since the session is not killed and it is active the user is redirected to application.

I went through lot of posts in the PDN and none of them help me resolve this issue. Any suggestion regarding this issue would be helpful.

We are using Pega 7.3.1 and framework being used is "CustomerServiceForFS"

Low-Code App Development Data Integration
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 3 years ago
Posted: 15 Apr 2018 7:09 EDT
Sandeep Gunanchipalli (Sandeep46)
OCBC Bank
Senior Software Analyst
OCBC Bank
SG

Hi,


As your IDP is not allowing logout, you were unable to logoff. Can you try clearing the cookies specific to user session by using javascript to achieve this.


 
Posted: 3 years ago
Posted: 23 Apr 2018 6:23 EDT
Ashwinraj Shekar (sheka1)
PEGA
Lead System Architect
Pegasystems Inc.
IN

Hi,


I was thinking of doing the same but, OOTB Code-Security.LogOff provides the implementation which just ends the PRPC session. But the user can seamlessly login to the application next time as the application doesn't display the challenge screen. 


Regards,


Ashwin
Posted: 3 years ago
Posted: 19 Jun 2018 7:15 EDT
Premkumar Ganesan (PremkumarG)
cognizant

cognizant
NL

Hi Sheka1, I remember logoff activity is overridden in your customer service framework ruleset. can you try save as the LogOff activity provided by pegaRules application?
Posted: 3 years ago
Posted: 22 Oct 2018 10:28 EDT
Raja Reddy Bommana (RajaReddyB)
WellsFargo

WellsFargo
IN

Hi Sheka1,


 are you able to fix this issue. We are facing the same issue.
Posted: 3 years ago
Posted: 22 Oct 2018 15:11 EDT
Marissa Rogers (MarissaRogers)
MOD
Senior Community Moderator
Pegasystems Inc.
US
Hello!


 


Thank you for posting your query on PSC. This looks like an inactive post and hence, we suggest you create a new post for your query.
Show More
Hello!


 


Thank you for posting your query on PSC. This looks like an inactive post and hence, we suggest you create a new post for your query. Click on the Write a Post button that’s at the top of this screen and also on our Pega Support Community homepage.  Once created, please reply back here with the URL of the new post.


 


We have also sent you a private message opening up a communication channel in case you have any further questions.


 


Thanks,



Show Less
Posted: 3 years ago
Posted: 17 Jan 2019 4:43 EST
Mahendranath Reddy (MahendranathR6259)
CBA
Consultant
CBA
AU

I am facing similar issue. Is anyone able to find the solution for this issue? it will be of great help if you share the solution for this issue?


 

Accepted Solution

Posted: 3 years ago
Posted: 17 Jan 2019 5:03 EST
Ashwinraj Shekar (sheka1)
PEGA
Lead System Architect
Pegasystems Inc.
IN

We got a local fix from the support team. 

Show More

We got a local fix from the support team. 


Use the following local change.

1) Copy Code-Security.Logoff to application ruleset.
2) Comment out Step 6 - Show-HTML for pySAMLLogoffWithoutSLO

This will result in Code-Security.EndSession being called and the requestor being shut down properly.  



Show Less
Posted: 2 years ago
Posted: 17 Jan 2019 13:49 EST
Marissa Rogers (MarissaRogers)
MOD
Senior Community Moderator
Pegasystems Inc.
US

Hi @sheka1,


That's great news! Do you mind sharing your Support Request ID that gave you the local fix so that we can track?


Thanks!
Posted: 2 years ago
Posted: 28 Jan 2019 19:48 EST
Mahendranath Reddy (MahendranathR6259)
CBA
Consultant
CBA
AU

Hi Sheka1 ,


Thankyou for providing the solution on request . But for some reasons this solution is not working . May be my problem here is bit different. I have tried

 adding below code in overridden Web-Session-Return HTML rule for my issue and it works very well in IE . But dosent work in Chrome. Let us know if you have come accross anything similar .

     

<script language="javascript" type="text/javascript">

//  alert( "you are logged out");

  document.execCommand("ClearAuthenticationCache","false");

</script>


 


Thanks

Mahendra

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice