Layer 7 Access Management

Expand all | Collapse all

Session cache issue

Jump to Best Answer
  • 1.  Session cache issue

    Posted 09-12-2019 10:48 PM
    Hi Team,

    Could you please help us to resolve the below issue?

    User A logs into App A and Clicks another App B and logs out.
    Now user B logs into App A in the same login page in same browser and pasted that App B link in a new tab. Expected result is to route that link to login page but it directly took into App page and throwing some app error.
    Also User B doesn't have access to App B.

    I checked in the fiddler and I could see that SMsession is logged off when I click logout but still the app page is coming if we paste the url in the same browser...

    Could you please help me in resolving this issue?


  • 2.  RE: Session cache issue

    Posted 29 days ago

    Hi Karthik,

    Unless I'm not understanding the test correctly, that actually sounds like it could be the expected result.  The reason user B is not prompted to log in when requesting App B is this:

    "Now user B logs into App A"

    That sounds to me like user B established a session before requesting App B, and thus got an error for not being authorized by the application itself.  I'm not sure whether you expected User B to fail Siteminder authorization when requesting App B.  If so, examine the agent trace log to see how the agent handled User B's request for App B.  After the IsProtected call is made, you'll see the IsAuthorized call will identify the user and then the IsAuthorized call will execute.

    Regards,
    Pete  




  • 3.  RE: Session cache issue
    Best Answer

    Posted 27 days ago
    Karthik, Please take a look at the Comprehensive Log Out feature; e.g. for R12.8. Hope this helps.
    https://docops.ca.com/ca-single-sign-on/12-8/en/configuring/web-agent-configuration/comprehensive-log-out
    - Best wishes. Vijay