-
Type:
Customer Defect
-
Status: Ready for Developer (View Workflow)
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: CFA 2022R2
-
Fix Version/s: None
-
Component/s: SSO
-
Labels:None
Description
While doing some testing I found that if the user log out from MxC and Log out from CFA Home site he will still have access to Inform if the user pastes the Inform URL directly in the browser or if he clicks to go back from the browser tab.
If you close all tabs and close the browser then when another user comes and use the Inform URL to login , he will not be asked for username/password, he will be logged in as the previous user due to having the cookies not expired yet or deleted for the previous user's session.
Environment : PROD
Store :
Steps
1. Open 'https://m.inform.cfahome.com/' in your browser, the page will be directed to CFA home site 'https://cfahome.okta.com/'.
2. Enter you username/Password and login, the 'https://m.inform.cfahome.com/#/Administration/SplashPage/SplashLandingPage' will open.
3. Log out from MXC, the page will be redirected to CFA Home site.
4. Log out from CFA Home site 'https://portal.cfahome.com/', CFA Home sign in page will be on the screen now and asking for credentials.
5. Close all tabs and your browser.
6. Open you browser again and try to Open 'https://m.inform.cfahome.com/'
Results :
MXC page will open without asking for Username/Password or redirecting to CFA Home.
Expected :
Page to be redirected to CFA Home re-enter Username/Password.
- blocks
-
CFAMX-11540 Production Defects
-
- Open
-