Notifications

1250 views

Description

When authenticating through SSO, the glide cookie for the old Identity Provider initiated single sign-on is being used instead of the current Service Provider initiated single sign-on as defined by glide.authenticate.sso.redirect.idp.

Steps to Reproduce

 

  1. Configure your instance with the Multi-Provider SSO plugin.
    For more information, see the product documentation topic: Activate a plugin.
  2. Configure a new Identity provider record.
  3. Configure glide.authenticate.sso.redirect.idp with the corresponding sys_id.
    For more information, see the product documentation topic: Modify the primary and default IdP.
  4. Access the instance through SSO.
  5. Create a new identity provider record and configure glide.authenticate.sso.redirect.idp with the corresponding sys_id.
  6. Inactivate the previous IdP.
  7. Access the instance again through SSO without clearing browser cache or cookies.

Note that the old IdP is used.

 

Workaround

The best solution is to clear the associated cookie in the browser so the client is updated with the new sys_id on the subsequent visit to the instance.

To not force users to refresh their cookies, back up the old IdP record and then replace the information of the IdP record instead of creating a new one so the same IdP sys_id is used.

To clear the cookies on Firefox:

Clear the cookies on firefox


Related Problem: PRB717733

Seen In

Fuji Patch 13 Hot Fix 1
Geneva Patch 6 Hot Fix 2
Geneva Patch 7
Geneva Patch 8 Hot Fix 1

Fixed In

Jakarta Patch 8b Hot Fix 1
Kingston

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2018-10-08 11:56:20
Published:2017-09-22