Support Article

Problem In SSO login after upgrade to Pega 7.1.8

SA-12681

Summary



Post upgrade from PRPC 6.3 to  Pega 7.1.8 users are not able to login to their application using SSO.


Error Messages



ERROR d101vlconp01.nehr.mohh|d101vlconp01.nehr.mohh PEGA.TEST.DEV.02 - d101vlconp01.nehr.mohh: com.pega.pegarules.priv.context.CookieDisabledException
com.pega.pegarules.priv.context.CookieDisabledException: An error has occurred which indicates that your browser does not support Cookies. You must enable Cookies in order to use this application


Steps to Reproduce



Log into PRPC through SSO.


Root Cause



The environment users are testing this in does not have https enabled. Using the same URL they are using to test SSO, we could not connect with HTTPS. The Web Logic system does have a HTTPS port open and that is what they use to connect for development work but you are going directly to the Web Logic port. When they test SSO they are going through a different hostname that is HTTP only.
 
The configuration setting “HTTP/SetSecureCookie”  in prconfig.xml, which overrides any Dynamic System Setting, was set to true.  This setting adds the “secure” flag to any “Set-Cookie” HTTP response header for the Pega-RULES cookie. The “secure” flag tells the browser to only transmit the cookie over HTTPS. Since they were using HTTP this was causing problems because the browser would never transmit the Pega-RULES cookie after receiving it in a previous HTTP response. 
 

Resolution



 

Make the below changes into prconfig.xml, user is able to login.
 
“<env name="HTTP/SetSecureCookie" value="false"/>”
 
 

Published August 28, 2015 - Updated October 8, 2020

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.