The URL parameter SSOLogin=false fails to bypass SSO login after upgrading to 7.0.2 of RSA Identity Governance & Lifecycle
3 years ago
Originally Published: 2017-06-07
Article Number
000065181
Applies To
RSA Product Set: Identity Governance & Lifecycle 
RSA Version/Condition: 7.0.2
 
Issue
The non-SSO login URL parameter where SSOLogin=false (https://<hostname>/aveksa/main?SSOLogin=false) no longer works as expected after upgrading to RSA Identity Governance & Lifecycle 7.0.2.

Instead of being directed to the RSA Identity Governance & Lifecycle login screen, the user is redirected to the SSO login page. The same non-SSO login URL still works on older versions of RSA Identity Governance & Lifecycle (e. g., 7.0.0 and 7.0.1).
Cause

This is a known issue reported in engineering ticket ACM-75612.

Prior to 7.0.2, if a user was logged into RSA Identity Governance & Lifecycle and was logged out because of an application restart or because their session timed out, the resulting login page would reload only the login portion of the page, hence leaving  the top and bottom menus displayed on the screen. Starting in 7.0.2, a fix to this issue (engineering ticket ACM-72710) was made to refresh the entire login page. This same fix caused the SSOLogin=false parameter that bypasses SSO login to fail. 

Resolution
This issue is resolved in the following RSA Identity Governance & Lifecycle patches:
  • RSA Identity Governance & Lifecycle 7.0.2 P02
  • RSA Identity Governance & Lifecycle 7.1.0
Workaround
As a workaround, add the PageID parameter by appending &PageID=LoginPage to the non-SSO login URL. That should prevent the page from being redirected to the SSO login page.
 
For example, change the old URL:
 
FROM:
TO:

Related Articles

Trending Articles

Don't see what you're looking for?