Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Issue while accessing two Pega SSO environments

SA-9623

Summary



When loading two applications sequentially in Internet Explorer in a siteminder-protected environment. If the first application is PRPC, coming back to that application causes busy indicator to be displayed and does not clear.

Error Messages



Not Applicable

Steps to Reproduce



1. Open any two siteminder protected applications on Internet Explorer, the first one being PRPC.
2. Switch applications to observe the busy indicator.

Root Cause



There are two application involved here and both are accessed from the same domain:

https://<hostName.net>/prweb
https://<hostName.net>/pdda

Each application is on a seperate WebLogic cluster. The web servers are accessed via the same host name <hostName.net> with a plugin that directs the traffic to the proper WebLogic cluster based on context root. 

The core problem is that both applications are using the same WebLogic session cookie: JSESSIONID.

When connecting to PRPC the JSESSIONID is set to:

Set-Cookie: JSESSIONID=vHvHVszNl5QYyQnGTHn1Jbf1Gy2fYLhZcm5ZTJC2mMpzR82GQTgx!697134936; path=/; HttpOnly

At this point the browser has registered JSESSIONID to all paths of <hostName.net>

They do some work then connect to PDDA and the JSESSIONID is set to:

Set-Cookie: JSESSIONID=lLK2n3XkHv9pW-i6Mu_4PaG9G3VQ5GD210RTBC4T0R1iW8jBysZV!1761913519; path=/; HttpOnly

At this point the browser has registered JSESSIONID to all path of <hostName.net>, overwriting the one set from PRPC.

Notice that each of the set-cookies for JSESSIONID have path set to "/". Also each of them has a server ID in the cookie value:

prweb: 697134936
pdda: 1761913519

When returning to PRPC window the JSESSIONID set for PDDA is sent in the request to PRPC. This  results in an error becuase plugin at the web server level did not understand how to route a request to /prweb with a server id of 1761913519. So the plugin simply loadbalanced to a prweb server.  It's clear that it did this based on the response that set a new JSESSIONID with a different server ID.

Set-Cookie: JSESSIONID=YWS2n7CQS7UQQfporc1_I6gLkoWBvoUxrQDhYzzptzKzF8PhfHUQ!358146119; path=/; HttpOnly

Resolution



Below are the solutions:
  • Change the JSESSIONID cookie name of both prweb and PDDA (for example, JSESSIONIDPRPC / JSESSIONIDPDDA)
  • Change the JSESSIONID of both prweb and PDDA to include the content root in the path attribute of the cookie:
prweb:  path=/prweb
pdda: path=/pdda
  • Options 1 and 2 together will give the best overall seperation of session cookies for both application. You ca not just change one application, both must be modified. 

Tags:

Pega Platform Pega Platform 6.3 SP1 Data Integration

Published June 12, 2015 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Visit the Collaboration Center

Did you find this content helpful?

Yes
No

Want to help us improve this content?
Suggest an edit

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us