The URL parameter SSOLogin=false fails to bypass SSO login after upgrading to 7.0.2 of RSA Identity Governance & Lifecycle

2 years ago

Originally Published: 2017-06-07

Article Number

000065181

Applies To

RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2

Issue

The non-SSO login URL parameter where SSOLogin=false (https://<hostname>/aveksa/main?SSOLogin=false) no longer works as expected after upgrading to RSA Identity Governance & Lifecycle 7.0.2.

Instead of being directed to the RSA Identity Governance & Lifecycle login screen, the user is redirected to the SSO login page. The same non-SSO login URL still works on older versions of RSA Identity Governance & Lifecycle (e. g., 7.0.0 and 7.0.1).

Cause

This is a known issue reported in engineering ticket ACM-75612.

Prior to 7.0.2, if a user was logged into RSA Identity Governance & Lifecycle and was logged out because of an application restart or because their session timed out, the resulting login page would reload only the login portion of the page, hence leaving the top and bottom menus displayed on the screen. Starting in 7.0.2, a fix to this issue (engineering ticket ACM-72710) was made to refresh the entire login page. This same fix caused the SSOLogin=false parameter that bypasses SSO login to fail.

Resolution

This issue is resolved in the following RSA Identity Governance & Lifecycle patches:

RSA Identity Governance & Lifecycle 7.0.2 P02
RSA Identity Governance & Lifecycle 7.1.0

Workaround

As a workaround, add the PageID parameter by appending &PageID=LoginPage to the non-SSO login URL. That should prevent the page from being redirected to the SSO login page.

For example, change the old URL:

FROM:

https://<hostname>/aveksa/main?SSOLogin=false

TO:

https://<hostname>/aveksa/main?SSOLogin=false&PageID=LoginPage.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles