Support Article

Mashup: pyDeleteDocumentPg call after issuing a logoff

SA-34877

Summary



Two gadgets are exposed to an external .NET application using IAC.
Reverse proxy is implemented using IIS.
No Pega Gateway

When the user either logs off from the external application or session timeout on external application, there is a call to pyDeleteDocumentPg after the logoff. The application is trying to generate another Pega session by creating a new Pega-RULES cookie immediately after the logoff is issued, this is creating troubles and until this newly created session is either killed using SMA or passive ID.

Error Messages



Call stack looks as follows:

/prweb/IAC/?pyActivity=Code-Security.LogoffMashup

prweb/IAC/ZsvSk3vV8PtgJEa4_x3fiQ%5B%5B*/!CMSWebApp/$PCAPPTCAL/?pyActivity=pyDeleteDocumentPg&pzFromFrame=&pzPrimaryPageName=pyDisplayHarness&pzHarnessID=HID2D592C86EB0D56920302FC290312D57A&pyPagesToRemove=D_UITemplateMeta


Sometimes, log says, no failure stream set by custom authentication activity.


Steps to Reproduce



Implement IAC and issue a logoff from IAC.


Root Cause



The gadget is just displaying harnesses from either Display or CreateNewWork actions. The logoff is being sent from the top level application and then the IAC gadget iframe is getting unloaded as the top level application navigates to it's logoff page. The harness level onbeforeUnload event is being triggered and calling pyDeleteDocumentPg.

Resolution



The solution is to have the top level application remove the listener for the harness level onbeforeunload event.

PRPC Changes:

Add the following Javascript function to UserWorkForm:

<script>
function setUIForPRPCLogoff(){

pega.util.Event.removeListener(window, "beforeunload",pega.u.d.harnessOnBeforeUnload);
}
</script>



Top Level App Changes:

The following is from an internal sample application.


function testLogOut(){
logOffPRPC();
/* top level logout can now occur */
document.location.href = "Logout.html";

}

function logOffPRPC() {

/*Find PRPC iFrame element which will be PegaGadget parameter plus "ifr" */
varprpcWindow = document.getElementById("[Gadget]ifr").contentWindow;
if (prpcWindow != null)
{
if (typeofprpcWindow.setUIForPRPCLogoff === "function") {
prpcWindow.setUIForPRPCLogoff();
}
}
/* Call PRPC logoff */
varlogoffURL = pega.web.config.gatewayURL+pega.web.config.systemID+"/!"+pega.web.config.appName
+"/$"+pega.web.config.thread+"?pyActivity=Code-Security.LogOffMashup";
xmlhttp=new XMLHttpRequest();
xmlhttp.open("GET",logoffURL,false);
xmlhttp.send();
}


Published March 10, 2017 - Updated March 11, 2017

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.