SAP Knowledge Base Article - Public

2238747 - How to clean up loginMethod cookie in various browser?

Symptom

SSO users are unable to login to the Instance

Reproducing the Issue

Successfactors BizX Suite integrated with SSO (Single Sign On)

Cause

loginMethod cookie was set as PWD

Resolution

Cleaning up cookie by following the below steps will resolve the issue.

Clean up loginMethod cookie in IE

1. Go to SF domain in IE
2. Click the Tools button , select F12 developer tool
3. Click Cache -> View cookie information
4. If there is loginMethodCookieKey cookie, then click (Cache->clean cookies for domain).
5. Click Cache -> View cookie information, and make sure there is not loginMethodCookieKey cookie.
6. Login

For other versions IE browser, may try:

Navigate to SF domain, Click on IE browser.
Make sure the check-box was checked :Cookies and website data, then click “Delete”
Pls note: pls select other check-boxs carefully, such as “Passwords” ,you have to input your credential again once deleted when acces some website next time


Clean up loginMethod cookie in Chrome

Go to SF domain in IE
Click the Tools button, select more tools ->developer tools
Double check cookie
Clean up cookie if there is loginMethod cookie.

Or

Click the lock icon on Chrome browser:
Click “Show cookies and site data” on the dialog ,another dialog will pop-up, then select the domain and view “Cookies” data.
After view the cookie data, click , and select “History and recent tabs”, then click “History”
Click “Clear browser data” button on the pop-up page:
Select “the beginning of the time” and make sure “Cookies and other site and plugin data” is checked, then click ”Clear browsing data”
Pls note: Select other check-boxes carefully, such as “Passwords”, you have to input your credential again once deleted when you access some website next time.

Clean up loginMethod cookie on FireFox:

Navigate to SF domain, click on fireFox browser:

Click “History”, then click “clear recent history”
Select the time and make sure “cookies ” is checked, the click “clear Now":
Pls note: Select other check-boxes carefully, such as “Passwords”,you have to input your credential once deleted when you access some website next time.

Please see attached document for more information.


Question : Do SF support If the customer has mixed login scenario, i.e PWD user and SSO uesr try to login on the same computer ?

Answer : We doesn't support the above scenario officially,

The workaround for the above issue is

i. Clean up the loginMethod as described in the attached document.
ii. Somehow the cookie can't be clean up sometimes, add "loginMethod=SSO" parameter to the SSO user login request

Question: Does including loginMethod= in the URL do anything anymore?

Answer: BizX fetch loginMethod from request at first. Once the system gets it from request, the system will ignore cookie and login_method value in user_account and user_sysinfo table.

Question:If it does, are there certain URL's it works with and others that don't. In the past it seemed that using a ULR with /login in it respected the parameter but /sf/... URL's did not. How about URL's with /home or /sf/home or /start etc?

Answer: It works for all URLs now as SF fixed the related legacy bugs in b1508.

Question: Once the loginMethod cookie is set after logging in OK with either SSO or PWD are there URL's that can override the cookie.

Answer:
1. The use case for this is if a customer flips a user from PWD to SSO or SSO to PWD. We would like to tell them to use some specific URL rather than forcing them to clear cookies.
• For the user from SSO to PWD case, the cookie will be overwritten to PWD once successfully login.
• For the user from PWD to SSO case:
i)If it is non-SAML SSO protocol, such as token, the cookie will be overwritten to “SSO” once the user successfully login.
ii)If it is SMAL protocol, we cannot add loginMethod to the request. It need clean up the cookie before login.
2. Another use case is the initial login for any user when they don't have a cookie set. That leads back to the initial questions about the URL and parameters.
Right now we have users go to the generic login screen if they are PWD and the deep links default to SSO.The system will ignore login_method value in user_account and users_sysinfo tables if there is loginMethod= in the URL.

Keywords

Loginmethod SSO Single Sign On  , KBA , LOD-SF-PLT-SSO , Single Sign-on , Problem

Product

SAP SuccessFactors HCM Core 1605 ; SAP SuccessFactors HCM Core 1608 ; SAP SuccessFactors HCM Core 1611 ; SAP SuccessFactors HCM Core 1702 ; SAP SuccessFactors HCM Core 1705

Attachments

Clean up loginMethod cookie in IE 1.1.docx