SSO Logout Failure (403 Forbidden) After Clarity Upgrade
search cancel

SSO Logout Failure (403 Forbidden) After Clarity Upgrade

book

Article ID: 412285

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

Following a Clarity environment upgrade from version 16.1.1 to 16.3.2, Single Sign-On (SSO) users are unable to successfully log out. Instead of accessing the intended static Logout.html page (e.g., https://Clarity_URL/niku/Logout.html), they are redirected to an error page displaying "Error 403 Forbidden". The specific URL encountered is https://Clarity_URL/niku//niku/nu#action:union.externalError&c3RhdHVz=NDAz.

Environment

Clarity 16.3.2 

Cause

Clarity upgrades typically revert webserver configuration files to their default state. This action removes the explicit allowance for the custom Logout.html file within the Clarity Content Filter, causing the server to deny access.

Resolution

  1. Navigate to the Clarity installation directory: /PPM_HOME/Webroot/WEB-INF/.
  2. Open the Web.xml file for editing.
  3. Locate the XML block for the Clarity Content Filter (identified by <filter id="Clarity Content Filter">).
  4. Find the <param-name>allowedList</param-name> entry within this filter.
  5. Add Logout.html to the existing comma-separated list of values in the <param-value> tag.
    Example Snippet:
    xml <init-param> <param-name>allowedList</param-name> <param-value>Logout.html,DefaultPrint.css,FeaturePrint.css,...</param-value> </init-param>
Powered by Wolken Software