000035229 - The URL parameter SSOLogin=false fails to bypass SSO login after upgrading to 7.0.2 of RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Jun 7, 2017Last modified by RSA Customer Support on Oct 10, 2019
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035229
Applies ToRSA Product Set: Identity Governance & Lifecycle 
RSA Version/Condition: 7.0.2
IssueThe non-SSO login URL parameter where SSOLogin=false (https://<hostname>/aveksa/main?SSOLogin=false) no longer works as expected after upgrading to RSA Identity Governance & Lifecycle 7.0.2.

Instead of being directed to the RSA Identity Governance & Lifecycle login screen, the user is redirected to the SSO login page. The same non-SSO login URL still works on older versions of RSA Identity Governance & Lifecycle (e. g., 7.0.0 and 7.0.1).

This is a known issue reported in engineering ticket ACM-75612.

Prior to 7.0.2, if a user was logged into RSA Identity Governance & Lifecycle and was logged out because of an application restart or because their session timed out, the resulting login page would reload only the login portion of the page, hence leaving  the top and bottom menus displayed on the screen. Starting in 7.0.2, a fix to this issue (engineering ticket ACM-72710) was made to refresh the entire login page. This same fix caused the SSOLogin=false parameter that bypasses SSO login to fail. 

ResolutionThis issue is resolved in the following RSA Identity Governance & Lifecycle patches:
  • RSA Identity Governance & Lifecycle 7.0.2 P02
  • RSA Identity Governance & Lifecycle 7.1.0
WorkaroundAs a workaround, add the PageID parameter by appending &PageID=LoginPage to the non-SSO login URL. That should prevent the page from being redirected to the SSO login page.

For example, change the old URL: