The login page for a web site, and the page users are directed to when they log off, is the same; so when users log off, SSOWatch automatically logs them back in.
- SSOWatch logs the user in correctly to website.com/login.aspx, for example.
- When the user logs out, the web site returns the user to website.com/login.aspx, where SSOWatch automatically logs the user back in.
Is there a way to configure Enterprise Single Sign-On (ESSO) to prevent this type of behavior?
There is more than one method to do this, however, each requires that you modify the relevant Technical Definition in use. Two possible options are provided here.
Option 1: use the "Use SSO state criteria" and select "SSO has not been performed". That way the application won't be detected twice.
- Open the properties for the relevant Technical Definition and select the "Options" tab.
- Select the option "Use SSO state criteria" and then click the "Configure..." button:
- Select the second option, "SSO has not been performed" and then click "OK":
Test your application to confirm if the login loop still occurs.
Option 2: use a Custom Script and use a "Return" with the option "Disable the Window" or "Disable the Application" to prevent further detection.
Please refer to the following Knowledge Article for steps on how to create a Custom Script: Video: How to create a technical definition with custom script.
Using a "Return" in your custom script provides the following options:
Select either of the options, "Disable the Window" or "Disable the Application", then test your application to confirm if the looping continues.
If you have tested both of the above options and the looping still occurs, please contact Support for additional assistance.
Please refer to the SSOWatch Administration Guide for complete details on the detection options available with a Technical Definition.
The guide can be downloaded here: Enterprise Single Sign-On - Release Notes and Guides.
You may also view the SSOWatch Administrator Guide online: Enterprise Single Sign-On 8.0.6 – SSOWatch Administrator Guide