Question
Unilever
IN
Last activity: 28 Sep 2022 12:07 EDT
Activity triggered on session timeout and redirect user to an external URL on session timeout
We are working on Pega 8.6.3 cloud with multiple applications hosted on it.
We have observed an existing behavior on the Pega cloud instance - once user session gets timed out and the user tries to take any action on Pega, the user is redirected to the Pega Login screen.
We have a specific requirement for one application where external users are invited to work on the application. These external users have SSO access to the application.
On the Pega login screen of the SSO url, there are different buttons corresponding to each Authentication service hosted by different applications on this cloud instance. Now when these external users' session get timed out they are also seeing the buttons to login to different applications which is seen as a security violation. So we are looking for some information to handle this situation in our application -
1. Which activity is triggered when the user session is timed out? Can we specialize this activity at application layer, to be more specific at access group level?
2. Is it possible to have a custom login screen html specifically for a particular access group? This will be displayed only when users with this access group are redirected. Need to make sure other users are not impacted due to this.
We are working on Pega 8.6.3 cloud with multiple applications hosted on it.
We have observed an existing behavior on the Pega cloud instance - once user session gets timed out and the user tries to take any action on Pega, the user is redirected to the Pega Login screen.
We have a specific requirement for one application where external users are invited to work on the application. These external users have SSO access to the application.
On the Pega login screen of the SSO url, there are different buttons corresponding to each Authentication service hosted by different applications on this cloud instance. Now when these external users' session get timed out they are also seeing the buttons to login to different applications which is seen as a security violation. So we are looking for some information to handle this situation in our application -
1. Which activity is triggered when the user session is timed out? Can we specialize this activity at application layer, to be more specific at access group level?
2. Is it possible to have a custom login screen html specifically for a particular access group? This will be displayed only when users with this access group are redirected. Need to make sure other users are not impacted due to this.
3. We have tried to specialize the Web-Session-Return html rule to redirect the user to an external URL on session time out. But it didn't work. This was done as per suggestion from other threads in the Pega Collaboration Center. Wanted to verify if this is a correct rule which can be used to redirect the user to an external URL.