I have a big problem when I used rules with the sso that is by default “enabled”.
I created a rule based on ip address whitelist that check if the ip of the user is authorized.
So what happen is the user log in in my application , he put its correct credentials, so by this point it is successfully login, now the rule activate, he don’t have the correct ip, so he don’t pass the rule, and it is this by this point there are some big problem, the user is redirected to the login page but with the sso enabled, he can’t go to the login page because it is still log in ! so what i have is a page that reload without end !
Can you help me ? I don’t see how rules can work now if the user is successfully login but if he can’t pass the rules
PS: I need the SSO enabled so I can’t disabled it to fix my problem
The user should not be allowed to start an SSO session if they are not passing the rule. Can you show us the rule you are using, omitting sensitive data of course. Also, could DM me a HAR file of the transaction so I can take a look?
Yes the user can’t start the SSO session.
So what happened was that he tried to log in with its credentials pages but he don’t pass the rule so the page again , again and again , because sso is enabled and he still log in even if he don’t pass the rule.
I work it out and what I did was to redirect the user to the logout url in the rule to prevent the reloading page
Thanks for following up. Let us know if you need anything.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.