Jump to content

SSO not working

lee mcdermott

By lee mcdermott
in Service Manager

 Share

Recommended Posts

lee mcdermott Experienced

lee mcdermott

Posted
Posted

Hi

 

Is anyone aware of any issues preventing log in with SSO since yesterday?

We had loads of calls from users and analysts who when clicking on the Log on with single sign on it just reloads the page but wont let them log in. Seems to be any browser.

Sometime a full reboot works or clearing the cache has worked. Some people it doesnt seem to have affected.

I just wondered if this was a Hornbill issue or something locally at our end?

 

thanks

lee

Link to comment
Share on other sites
HHH Mentor

HHH

Posted
Posted

In Chrome if you press F12 you get the developer/investigation thing, and if you are on the login page for Hornbill and click on Cookies int this view you see the cookies related to Hornbill. Delete them all, and then log in.

This worked for us.

Link to comment
Share on other sites
matthew.payne Rookie

matthew.payne

Posted
Posted

We are having an issue if you click on the 'Sign in with SSO' option it will just take us back to the same page and never logs them in? I have cleared cache/cookies and then it allows me to log back in. But then have to do the same every time? This is effecting all users.

 

Any ideas? :) 

  • Like 1
Link to comment
Share on other sites
TrevorHarris Proficient

TrevorHarris

Posted
Posted

Hi @matthew.payne

Can I ask what browsers you are seeing this problem in?  If you are experiencing the problem in Chrome is it possible you can send a screenshot of the cookies that are set before you delete them next time you see the problem.  You should be able to see this by pressing F12 which will open the debug tools and selecting the Application tab and clicking on Cookies > https://live.hornbill.com on the left hand side

Thanks

treovr H

Link to comment
Share on other sites
HHH Mentor

HHH

Posted
Posted
5 minutes ago, matthew.payne said:

Hi @TrevorHarris

I am using Edge, but a colleague uses Chrome so will ask them to get this for you.  I will send this over as soon as i get this from them.

Thanks,

Matt

https://docs.microsoft.com/en-us/microsoft-edge/devtools-guide-chromium/storage/cookies#:~:text=%20View%2C%20edit%2C%20and%20delete%20cookies%20with%20Microsoft,box%20to%20filter%20cookies%20by%20Name...%20More%20

Link to comment
Share on other sites
TrevorHarris Proficient

TrevorHarris

Posted
Posted

Hi all,

Sorry you are having problems with this.  We are still investigating this problem, can I ask what URL you are seeing in the address bar when you see the login screen and also a screenshot of what cookies you see when you are having this issue.

You should be able to see this by pressing F12 which will open the debug tools and selecting the Application tab and clicking on Cookies > https://live.hornbill.com on the left hand side

Thanks

Trevor H

 

Link to comment
Share on other sites
Gerry Grand Master

Gerry

Posted
Posted

@HHH @matthew.payne @AlexOnTheHill @LifeOfJonny @RobW

Hi All, we have been trying to track this problem down for a few days now. It seems that most customers are not seeing this issue, but a small number of you are. What we are unclear os, is what the extent of this issue is, and what patterns that might emerge from this line of questioning.  So I have a bit of an explanation for you and then some questions, if you can all read and answer the questions it would really help. 

So in the more recent releases we have changed the way SAML requests are handled.  Previously, a SAML response (Assertion) from your iDP (Active Directory for most) would redirect to code in PHP on the front-end servers, which would make an API call to your instance via an API. This was inefficient and we have been systematically removing the use of PHP from the front end servers.  To that end, we have implemented a new API endpoint which directly handles the SAML Assertion response. However, to maintain backwards compatibility with your existing SSO profiles (so you do not have to re-create them as we roll out these changes) we have left the original PHP endpoint in place, but instead of processing the SAML assertion and calling the API, it simply tells the browser it should re-direct to the new endpoint with a 307-moved permanently redirect response.  As I say, this is working for the vast majorly of customers and has been for the last couple of weeks. We cannot see any technical reason for this, and have added more logging to try and understand what is happening, and its also very odd that once you clear your cookies this starts to work again.  What we need is some clarity around the circumstances when this issue occurs.  If you could each answer the following this would be really helpful for us. 

* When the issue occurs, is the only way to make it work for you is by you clearing the cookies?
* When the problem occurs, you press the login button, and it redirects you back to the login page.  If you press the login button again, does it just keep on re-directing back to the login page?
* How many of your users are affected by this? is it all of your users?
* Are you using the Service Portal? And are you seeing any issues there?
* When you clear the cookies, and login successfully, do you see the problem again the next day?
* If the answer to the above is yes, when you have logged in successfully, if you logout do you see the problem again? or does it work?
* Same as above, but when you log in successfully after clearing the cookies, if you close the browser and then open it again, do you see the same issue? or are you able to log in?
* How re-creatable is this issue, and if you can create this at will, are you willing to jump on a Zoom call and share you screen with one of our devs so we can investigate further with you?

We are sorry this remains a problem, we are very keen to fix this, but with the information we have so far we are pretty stumped at this point, any held would be much appreciated. 

Gerry



 

 

Link to comment
Share on other sites
matthew.payne Rookie

matthew.payne

Posted
Posted

Hi @Gerry

* When the issue occurs, is the only way to make it work for you is by you clearing the cookies? Yes or we can click on the 'direct login' which allows us to login.
* When the problem occurs, you press the login button, and it redirects you back to the login page.  If you press the login button again, does it just keep on re-directing back to the login page? Yes, it just redirects back to the same page. 
* How many of your users are affected by this? is it all of your users? I believe it is all of ours users. There are atleast 4 in IT with this problem but other users around the organisation have been raising issues about this. 
* Are you using the Service Portal? And are you seeing any issues there? Sorry when you say service portal, we are experiencing issues from our customer end user portal and the request list side. 
* When you clear the cookies, and login successfully, do you see the problem again the next day? Yes
* If the answer to the above is yes, when you have logged in successfully, if you logout do you see the problem again? or does it work? No we do not see this issue again. You are able to login as expected. 
* Same as above, but when you log in successfully after clearing the cookies, if you close the browser and then open it again, do you see the same issue? or are you able to log in? No we are able to login.
* How re-creatable is this issue, and if you can create this at will, are you willing to jump on a Zoom call and share you screen with one of our devs so we can investigate further with you? I can try a restart of my machine and jump on a zoom call so you can investigate no problem.

Link to comment
Share on other sites
LifeOfJonny Collaborator

LifeOfJonny

Posted
Posted

When the issue occurs, is the only way to make it work for you is by you clearing the cookies?
Clearing the Cookies or clearing all site data fixes the issue.
When the problem occurs, you press the login button, and it redirects you back to the login page.  If you press the login button again, does it just keep on re-directing back to the login page?
I can keep pressing login and it always redirects me back to the login page, even if I browse back to the root of my instance and try
How many of your users are affected by this? is it all of your users?
Not all, but some have reported it and getting used to clearing the cookies and site cache.
Are you using the Service Portal? And are you seeing any issues there?
No we only use the live.hornbill.com
When you clear the cookies, and login successfully, do you see the problem again the next day?
Yes
If the answer to the above is yes, when you have logged in successfully, if you logout do you see the problem again? or does it work?
Yes, pressing logout and I can't login again.
Same as above, but when you log in successfully after clearing the cookies, if you close the browser and then open it again, do you see the same issue? or are you able to log in?
close browser, when it opens back up I'm still logged in.
How re-creatable is this issue, and if you can create this at will, are you willing to jump on a Zoom call and share you screen with one of our devs so we can investigate further with you?
Normally most of the time, but not always, but it happens every morning like clockwork though. I do use continue where I left off in Chrome and Hornbill is usually a tab I always have open.

Link to comment
Share on other sites
Adrian Simpkins Grand Master

Adrian Simpkins

Posted
Posted

Hi All - my comments as below:

* When the issue occurs, is the only way to make it work for you is by you clearing the cookies?

I have not cleared cookies as such, I just close the browser, relaunch then it lets me logon (I leave my browser open when i finish for the day so when i start again next time I normally just click the SSO logon page on one of the open pages, and it then activates all the other windows open). I will check this in the morning by clearing cookies and update this post.
* When the problem occurs, you press the login button, and it redirects you back to the login page.  If you press the login button again, does it just keep on re-directing back to the login page? 

Yes just keeps moving back to the SSO logon page after clicking SSO logon button.
* How many of your users are affected by this? is it all of your users?

I do not have definitive figures but there are at least 5 affected users in my area (other users are all working off site so unsure if they are having this issue).
* Are you using the Service Portal? And are you seeing any issues there?

No, normally I logon to the Request List initially, I will try the Service Portal 1st tomorrow morning.
* When you clear the cookies, and login successfully, do you see the problem again the next day?

Need to clear cookies as have been able to just kill the browser session and relaunch to get past the SSO logon issue.
* If the answer to the above is yes, when you have logged in successfully, if you logout do you see the problem again? or does it work?

TBC
* Same as above, but when you log in successfully after clearing the cookies, if you close the browser and then open it again, do you see the same issue? or are you able to log in?

TBC
* How re-creatable is this issue, and if you can create this at will, are you willing to jump on a Zoom call and share you screen with one of our devs so we can investigate further with you?

Only seems to occur after logging on in the morning, once logged on for the day I am not having any problems. 


Many thanks

Link to comment
Share on other sites
LifeOfJonny Collaborator

LifeOfJonny

Posted
Posted
1 minute ago, PeterL said:

Any update on this issue as we are also having the same issue with SSO where it will just loop the log in screen and not let the user log in unless they clear cookies & cache or restart the machine. 

Fill in the questions from this reply, so they can get a good understanding. ;-)

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...