Application going to infinite loop when a user is locked/inactive in clarity with SSO enabled
search cancel

Application going to infinite loop when a user is locked/inactive in clarity with SSO enabled

book

Article ID: 231956

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

Classic Clarity Application going to infinite loop when a user is locked/inactive in clarity with SSO enabled

STEPS TO REPRODUCE: 

  1. Integrate clarity with SSO but not SAML 2.0
  2. In CSA set logout URL to https://www.google.com and Authentication URL to https://www.yahoo.com
  3. Lock one of the existing user and hit the classic clarity URL example https://clarity/niku/nu

Expected Results: When the user hits /classic clarity example https://clarity/niku/nu and met above criteria its expected to hit the authentication url and land to https://www.yahoo.com but it continues to loop through, however  when user hits modern ux url https://clarity/pm it works as expected and goes to logout url which is https://www.google.com and thats due to another defect DE62190 described in KB

Actual Results: The application continues to loop as its gets a xhr request with 302 and gets redirected to an clarity internal page i.e. action:union.internalServerError which is under /niku context hence application try to authenticate again and again

Environment

Release : 15.9.3 Patch 2, 16.0

Component : CLARITY SECURITY INTEGRATION

Cause

This is a defect DE63727 

Resolution

The defect has been fixed in upcoming release i.e. 16.0.1 as well as 15.9.3 patch 3

Powered by Wolken Software