on 05-28-2015 7:20 AM
Hello All,
From past few weeks, I am facing an issue in our CE7.3 EHP1 SPS8 Portal's custom header/AFP, that when user clicks on 'Logout', screen refreshes and again loads portal with same user. No logout takes place.
It works OK in Chrome & Firefox.
Any ideas/pointers what must be going wrong here?
Thanks & Regards,
Amey
Hi Amey,
What is the UME that you are using?
If your are using Kerberos against LDAP you might face this issue due to SSO, try going to Internet Explorer -> Internet Options -> Advanced, and on the bottom of the list deselect "Enable Integrated Windows Authentication"
Ivan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ivan,
Yes, we are using Kerberos authentication.
If we set 'Enable Integrated Windows Authentication' to false, then it does not authenticate user using Kerberos and this is not desired.
The expected functionality is that user should be logged into portal using kerberos and once logged in there will be a link in header, 'Sign in as different user', clicking on which, it should clear session of current user and we have set redirect URL to http://host/irj/portal?spnego=disabled.
Thanks & Regards,
Amey
Hi Amey, Hope you are doing good. Nice to hear from you again. Please have a look at 1958240 - DSM terminator is called after logoff and note 1717945. What about the DSM terminator and the user_logoff when you actually log off from the server? Hope this helps. _ _ _ _ _ _ _ _ _ Kind Regards, Hemanth SAP AGS _ _ _ _ _ _ _ _ _
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Hemanth,
I had a look at both notes.
1958240:
Does not seem relevant because DSMTerminator is called 'before' logout component in our case.
1717945:
Does not seem relevant because , issue is not specific to any ABAP system etc. It's in general for portal level.
I don't see any specific logs in NWA when user clicks on 'Sign in as different user'. Or perhaps you can suggest for which applications I should increase log severity and then check again.
Thanks & Regards,
Amey
Hi Amey,
Hope you are doing good.
The best option would be to take a httpwatch trace of the log-off and check whether there is a call to any portal component (e.g. DSM terminator) after the request to the logoff component was triggered.You can also use the below link to force trigger a logoff:
http://help.sap.com/saphelp_nw73ehp1/helpdata/en/19/667bae77684887bea80129800fd701/content.htm
Kind Regards,
Hemanth
Hello Hemanth,
We don't have HttpWatch installed on our machines. But attached is the trace from Fiddler2 tool.
And below is the code snippet of what I see written in LogOutComponen->doOnNodeReady method: -
final HttpServletRequest servletRequest = componentRequest.getServletRequest();
final HttpServletResponse servletResponse = componentRequest.getServletResponse(true);
UMFactory.getAuthenticator().logout(servletRequest, servletResponse);
servletRequest.getSession().invalidate();
final Cookie jSessionIdCookie = new Cookie("JSESSIONID", null);
jSessionIdCookie.setMaxAge(0);
jSessionIdCookie.setPath("/");
servletResponse.addCookie(jSessionIdCookie);
try {
servletResponse.sendRedirect("/irj/portal");
} catch (final IOException ioException) {
}
Thanks & Regards,
Amey
Hi Amey,
As you are facing the issue only with IE11, check if the settings are correctly done as per note
1458799.
Also check if you face the same issue with sap standard ajax or classic frameworkpage.
Thanks and Regards,
Sowmya K
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Sowmya,
Yes, with SAP standard ajax or classic frameworkpage, logout & sign in as different user works fine.
It's only with our custom AFP and header, it isnt working.
Users say it was working till last few weeks and suddenly stopped...
The expected functionality is that user should be logged into portal using kerberos and once logged in there will be a link in header, 'Sign in as different user', clicking on which, it should clear session of current user and we have set redirect URL to http://host/irj/portal?spnego=disabled
Thanks & Regards,
Amey
User | Count |
---|---|
94 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.