Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Two new requestors created on logout redirect

SA-17281

Summary



When logging out of a custom servlet and attempting to redirect to another custom servlet on the same application, the user incorrectly gets logged back into the original custom servlet despite calling logout. 

Error Messages



Not Applicable


Steps to Reproduce



1. User navigates to the application. As they do not have a username/password, they click a link to register.
2. User is redirected to Pega on a custom SSO servlet for registration. For example: http://host:80/prweb/Registration
3. User fills out the screens required for user registration. On the final screen when the registration is complete they're given a "Close" button.
4. Upon clicking the "Close" button log-off type functionality is called. This includes:
a) An override version of Web-Session-Return that makes the redirect call: tools. sendHTTPRedirect(EndSession), and tools.clearActivityLists()
b) EndSession then runs and sets the 'window.top.location.href' to a new custom SSO servlet: http://host:80/prweb/MyWeb. This stream also calls "WebSessionReturn" to stop the requestor and clear the thread.
5. When the above runs it redirects to the http://host:80/prweb/MyWeb, which is then intercepted by SiteMinder. After authenticating with SiteMinder though the user is shown the /prweb/Registration page, instead of the /prweb/MyWeb starting page.


Root Cause



An issue in the custom application code or rules. The logout flag was not being properly set in the custom logout activities. The JavaScript for the page was calling functions to set onBeforeWindowClose and SetProcessWindowName.

Resolution



Perform the following local-change:

Below function needs to be called in the script that is being executed when Close button is clicked (custom logout functionality). This function will set the logoff related option to 'true' which is used by other scripts that executed when logoff is done.


funtion setLogOutFlag() {
   var desktopWindow =pega.desktop.support.getDesktopWindow();
   if ( desktopWindow != null ) {
       desktopWindow.logout = true;
   }
}  

 

Published January 31, 2016 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice