Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Pega IAC is using the existing session even after logoff

SA-31441

Summary



When a Pega Web Mash up user logout from parent application, Pega session is still active and not logged off.


Error Messages



Not applicable


Steps to Reproduce



1. Log in into portal using User1.
2. Perform any action in Internet Application Composer (IAC).
3. Log out as User1.
4. Observe that SMA still shows the User1 session.


Root Cause



A defect or configuration issue in the operating environment.

Resolution



Because there was a problem with the CORS or same origin policy logoff request from browser is not send to Pega.

Make the following changes to address this problem.


Changes to web.xml to relax CORS policy:

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
  <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>https://<parent application url></param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping> 
Suggest Edit

Published December 15, 2016 - Updated December 2, 2021

Did you find this content helpful? Yes No

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us