0

Hi, Recently had a problem with one of the issues of my projects regarding anonymous users and SSO. What seemed to be happening was the following: 1st login. User clicks SSO button get directed to application. User clicks logout The application treats that user now as a Anonymous user. 2nd login. The user clicks the SSO button. Mendix directs the user to the Anonymous home page via the users role default home page flow. I noticed the SSO module users the LoginHelper class to login the user, should this be able to determine if the user is currently anonymous and then sign them in? Additional Notes: The login page is a separate html page to the main application html. I'm not sure for the reasoning behind this I think it was due to the original application not having anonymous users (something on these lines). I was able to solve the solution within our case anonymous users are only accessing deep links therefore if the user came in to the application not via a deep link I kicked off a java action to sign out the user and this seemed to handle the rest of the login correctly. In regards to the sign out I created a form that contained JS to redirect the user to the base url basically window.location = window.location.hostname This all does the job but I feel its a bit of a terrible solution. So my questions are: LoginHelper java handling of anonymous was what I did okay/ what is the better approach?

asked 2016-04-21

1 answers