PrevPrev Go to previous topic
NextNext Go to next topic
Last Post 12/3/2009 12:47 PM by  Ben Coonfield
Log out screen missing login/user and password fields
 9 Replies
Sort:
You are not authorized to post a reply.
Author Messages
Roger French
Private
Private
Veteran Member
(1304 points)
Veteran Member
Posts:542


Send Message:

--
11/4/2009 9:08 PM

    Yes, really.

    I've never seen this on Portal.

    When users log out of Portal, they are presented with a screen saying, "You have been logged out" . Yes obviously they have!!

    There is NO log in and password field which user can enter the id and password.

    This happens for all users and it doesn't matter which portal role xml they are using.

    This is Windows with Env 9.0.1.4 , Apps 9.0.1.2 and Portal version 9.0.1.4.199

     

    Thanks in advance,

    Roger

    Norm
    Private
    Private
    Veteran Member
    (120 points)
    Veteran Member
    Posts:40


    Send Message:

    --
    11/5/2009 5:53 PM
    We're HP UNIX, but I can confirm this unfortunate 'improvement' Lawson implemented with LSF 9.0.1.

    In LSF 9.0.0, when you logged out, it took you back to the login screen. In LSF 9.0.1 it shows you the screen you described, forcing you to re-establish the URL to get the login screen back.

    Guess we have to submit an enhancement request to get this back....
    Roger French
    Private
    Private
    Veteran Member
    (1304 points)
    Veteran Member
    Posts:542


    Send Message:

    --
    11/5/2009 7:08 PM
    That's just plain stupid imo.

    Sorry just a bit frustrated here about hearing this....but it's def not the first time.
    Greg Moeller
    Private
    Private
    Veteran Member
    (4132 points)
    Veteran Member
    Posts:1474


    Send Message:

    --
    11/10/2009 9:24 PM
    We are in the same boat here... The fact that the login window does not appear when you hit "Logout" is a big disappointment to all of us here at Genesis Health System. Perhaps someone from here has not yet submitted the enhancement request to bring us back to the login page. I'll have to check.
    Jimmy Chiu
    System Analyst
    Federal Government
    Veteran Member
    (1880 points)
    Veteran Member
    Posts:640


    Send Message:

    --
    11/12/2009 3:26 PM
    Yes, it's really stupid to not include the option for user to relogin via logout screen.
    JudeBac
    Private
    Private
    Veteran Member
    (335 points)
    Veteran Member
    Posts:129


    Send Message:

    --
    12/1/2009 1:44 PM

    It seems that I am a minority here. I like this feature and to me its an added security. We are not there yet but I wish Lawson also adds a button to close the window after a logout. We have common computers and closing the instance of IE is the surest bet the that employee cache is released.

    IMHO

    Mike Lamb
    Private
    Private
    Basic Member
    (17 points)
    Basic Member
    Posts:7


    Send Message:

    --
    12/1/2009 2:09 PM
    We stuck a very simple HTML redirect code on the logout page that sends you back to the login page after a second or two pause. Haven't had any issues with it...
    John Henley
    Private
    Private
    Senior Member
    (9899 points)
    Senior Member
    Posts:3317


    Send Message:

    --
    12/1/2009 2:15 PM
    Perhaps it should be a client-configurable option.

    Thanks for using the LawsonGuru.com forums!
    John
    Jeff White
    Private
    Private
    Veteran Member
    (231 points)
    Veteran Member
    Posts:83


    Send Message:

    --
    12/1/2009 3:28 PM

    Actually, this did not occur in 9.0.1 until 9.0.1.4.  We were on 9.0.1.2 for quite a while and did not have this issue until we upgraded.  We're running on the HP Integrity server  HP-UX 11.23.  And like most of the people on here, our users did not like this so called "enhancement".  Has anyone started the enhancement request that we can all put the "me too" on?  If not, I'd be glad to start one.

    Jeff

    Ben Coonfield
    Private
    Private
    Veteran Member
    (420 points)
    Veteran Member
    Posts:146


    Send Message:

    --
    12/3/2009 12:47 PM

    I suspect that Lawson implemented this as a workaround for a security issue that as far as I know has not been resolved.  In some cases, when a portal user signs off, and signs back on using the same browser and using a different userid, some (but not all) security checks may be performed using the prior userid rather than the new userid.  I have observed this with MSCM using DSSO and have been told by Lawson support that it can affect other applications including LBI, and that no fix was available.

    This appears to be due to some kind of caching.  For this reason and others I have advised users to ignore the log out option and just close the browser window since this prevented the occurance of two known issues.

    If you were to enter a new URL to re-login using the same browser or otherwise defeat this change you may encounter the above security problem, at least if the new login is for a different userid.  I have not seen any issues when logging back in using the same usierid.

    You are not authorized to post a reply.