Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How to force logout

Go to solution
ericgilmore
Tera Guru

‎12-20-2023 02:09 PM

ver.Tokyo

Working on a instance setup to use SSO. Login works as expected, but now I have a new requirement to now allow certain types of users to login. The setup also uses a "login script" that is essentially a transform map during the process. I have access to this and in one of the conditional steps I just wanted to end the entire login process IF the login process descends into the condition.

 

First I thought a simple "return;" would do the trick, but that's not right, this isn't a function. Now I believe I should maybe use GlideSession somehow to kill the session. Only I'm not seeing any explicit documentation saying something like "...to kill a user session, use this function call...".

 

So I'm guessing I would need to grab the current user session and kill it:

{ pseudo code : gs.getSession().killSessionWithFire(); } Only I'm not seeing anything like this yet.

 

I'm also not finding anything like { SAML2.logout() }

I just want to stop the login process and not allow certain users to login w/o going to their User entries and disabling their accounts or locking them out.

 

What's the right way to do this?

0 Helpfuls
  • 5,116 Views
1 ACCEPTED SOLUTION

Go to solution
ericgilmore
Tera Guru

‎12-20-2023 05:20 PM - edited ‎12-27-2023 01:56 PM

So this is what I've come up with so far. This seems to do the trick for now.

 

 

// Kill the current user's session, send to logout page

const sesh = new GlideRecord('v_user_session');
sesh.get('session_id',gs.getSessionID());
sesh.deleteRecord();
// found that this works better in the instance I'm working with...
gs.setRedirect('/auth_redirect.do?sysparm_stack=no&sysparm_url=logout.do');

 

 

Any better ideas are appreciated. Let me know.

View solution in original post

1 REPLY 1

Go to solution
ericgilmore
Tera Guru

‎12-20-2023 05:20 PM - edited ‎12-27-2023 01:56 PM

So this is what I've come up with so far. This seems to do the trick for now.

 

 

// Kill the current user's session, send to logout page

const sesh = new GlideRecord('v_user_session');
sesh.get('session_id',gs.getSessionID());
sesh.deleteRecord();
// found that this works better in the instance I'm working with...
gs.setRedirect('/auth_redirect.do?sysparm_stack=no&sysparm_url=logout.do');

 

 

Any better ideas are appreciated. Let me know.