Idea ID: 1653257

Token Not Valid - Cookies must be deleted

Status : Waiting for Votes
Waiting for Votes
See status update history
over 3 years ago

Hi All,

ITSMA Full Containerized 2018.02 Patch 0001.

LDAP + SSO Enable (ADFS)

Current Behaviour:
When the IT Technicians' web browser displays the "You have been logged out due to session timeout."  message in SM due to user session timeout limit, they cannot access again into SM using the button "Login again" becuase the suite displays an error "Token no valid".

They have to clean all cookies, close the web browser and try again for logging into the SM. The customer end-users are complaining about it becuase they are using other applications (using the same SSO-ADFS) in the same browser, then they have to close all them closing the web browser and logging again. It's so irritating for them.

Expected Behaviour:
When SM displays the web page "You have been logged out due to session timeout." (url: https://<myurl>/webtier/sso_timeout.jsp?autoLogin=false), the suite has to remove the following cookies in order to be redirected to SSO login page for conneting SM again (entering the user credentials):

1_FIRST_LOGIN_SM.png --> The user could acces to the SM throught SSO.
2_SM_USER_SESSION_TIMEOUT.png --> SM displays the log out to the end user due to user session timeout
3_TRYING_TO_CONNECT_USING_CONNECT_AGAIN_BUTTON.png --> The user clicked on "Connect Again" botton and it seems that he is accessing to SM.
4_TOKEN_NO_VALID_ERROR.png --> The web browser displays the error when the Bullet 3 is finished.
5_COOKIES_TO_BE_DELETED.png --> The possible cookies that the suite has to remove when SM displays the user session timeout page.