Question
Anthem
US
Last activity: 4 Feb 2020 10:58 EST
Pega login fails with CookieDisabledException | PRPC731 and Tomcat.
Hi Team,
On intermittent basis,we could find pega portal login failure issues for end users with the below mentioned exception in the logs.
"com.pega.pegarules.priv.context.CookieDisabledException][STACK][com.pega.pegarules.priv.context.CookieDisabledException: An error has occurred which indicates that your browser does not support Cookies. You must enable Cookies in order to use this application."
Explored through PDN and could find the following article https://community.pega.com/support/support-articles/pega-login-fails-cookiedisabledexception which refers to updating the setsecurecookie value to false @PRPC719 and WebSphere (unlike our environment wherein setsecurecookie value has been set to true @ PRPC731 and Tomcat).
If the PDN article recommended resolution is applicable for us as well,please suggest the pros and cons of updating setsecurecookie from true to false along with its compatibility/feasibilty issues.
Thank you.
Pegasystems Inc.
US
thanks! The http/setsecurecookie setting requires you access the app through https. Did the error happen when using http? If yes, check if you have any proxy servers involved.
Pegasystems Inc.
IN
Hi Pradeep,
Please check the below article, if it helps you.
Thanks
Anthem
US
Hi,
Thank you for the article.It refers to a prconfig setting @ <env name="/Authentication/RedirectGuests" value="false" /> as a resolution @ PRPC718 version.
Is this applicable for PRPC731 as well ? If yes,please provide the corresponding DSS along with its functionality details (What does "Authentication/RedirectGuests" do ?).
Pegasystems Inc.
IN
Hi Pradeep,
Please try out the below, if it works.
Create a Dynamic System Setting named prconfig/Authentication/RedirectGuests/default with Pega-Engine as owning ruleset and set it to false
Thanks
Anthem
US
Thank you.
Also,Any idea about the recommended DASS functionality ? What does "Authentication/RedirectGuests" do ? How does this help with the issue in context ?
Pegasystems Inc.
US
Hi Pradeep,
I am unsure about the issue context, but I would like to give info about the setting.
RedirectGuests
Type: boolean
Default: True
Functionality: Process Commander sends information between the server and the client (browser) using URLs. These URLs can contain “query strings” which display calls to activities in the system or output streams of data.
Example: /pr3web/PRServlet/PCKVSeY1NqMu72E9CQuRw%5B%5B*/!Developer?pyActivity =ShowStream&pyBasePage=pyPortal&pyTargetStream= FramesetDeveloper HTTP/1.1
PegaRULES typically redirectes guests (unauthenticated requestors) to the standard URL format above in preparation for interactive authentication. Not all authentication schemes(like PRCustom) require this; if your authentication scheme doesn’t require interaction, set this entry to false to reduce network traffic.
Below is the link of the document for reference which contains descriptions about standard config settings.
https://docs-previous.pega.com/configuration-settings-reference-guide-prpc-61
Anthem
US
Hi Harish,
How do we know if our authentication scheme requires interaction or not ?
Could you also provide configuration setting reference guide for PRPC731 (Couldnt find it across PDN) ?
Thank you.
Pegasystems Inc.
US
There is no guide specific to 7.3.1 as the settings mentioned in the 6.x guide is standard and applicable from 5.x to 8.x
JFYI - During or Post-SSO authentication, engine API's will execute and checks if certain redirect request is needed or not and also checks for PegaRULES cookie if it does not exist at the time of redirect, it reports CookieDisabledException.
As you have multiple follow-up queries regarding impact & what's best for 7.3.1, I would strongly recommend you create SR and get it investigated by submitting the entire stackTrace and replication steps, so that we can further evaluate the issue and get the applicable settings based on your use-case.
Hope this helps!
Anthem
US
Issue has been observed to happen only in production environment and still trying to understand the pros,cons and feasibility regarding the recommended DASS implementation.