Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Logoff screen does not appear in Pega 7

SA-13034

Summary



On clicking the log off link, Code-Security.LogOff Activity is called but the log off screen does not appear in the application; instead it displays the login screen again. This is causing an issue in Siteminder where logoff link, automatically logs in the user. 


Error Messages

Not Applicable


Steps to Reproduce



1. Configure Pega 7 to use Siteminder.
2. Click log off.


Root Cause



The root cause of this problem is defect/misconfiguration in the operating environment. It is an expected behavior in Pega 7. 


Resolution

1. Create the ruleset unauthenticated.
2. Create a new access group for unauthenticated requestors. The access group has the unauthenticated ruleset mapped as production ruleset.
3. Map the access group created in the previous step to the Browser RequestorType.
4. Save the Web-Session-Return HTML Stream to the ruleset unauthenticated. 
The below out-of-the-box meta tag which redirects to login screen immediately is used. 
<META http-equiv="refresh" content="0;URL=<pega:reference name="$save(servURL)" />">

Without the meta tag, it will display a blank screen.

Use a meta redirect, to direct the browser to the third party logoff URL.
<META http-equiv="refresh" content="0;URL=http://{your site minder url}>


Notes:

•    It is important to know that the PRPC logoff, only logs off from PRPC and not third party security software like Siteminder.
•    To resolve this, update the Web-Session-Return and use a meta redirect to direct the browser to the third party logoff URL.  
•    The OTB Web-Session-Return contains a default meta redirect and you should change when using SSO to direct the user to the appropriate URL to log them off the security applications if required. 
•    You may also not want to log the user off of the security applications as that could affect any other applications protected by the third party security software open in other tabs in the current browser process. In this case simply remove the meta redirect.

Published August 28, 2015 - Updated October 8, 2020

Was this useful?

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us