cancel
Showing results for 
Search instead for 
Did you mean: 

Do not allow to keep cookies on Pulse SAML embedded Browser

CQUISPE
Visitor

Do not allow to keep cookies on Pulse SAML embedded Browser

Hello, We've been setting up Pulse Client for Windows (9.1.x) to use it with SAML Azure, for VPN connection authentication. The conection works fine, but we noticed that the embedded browser uses existing cookies from Internet Explorer, for example, if the user decided to remenber its session, Pulse secure client will not prompt for user and password anymore.

Is there a way to never save the cookies so the user will be asked to enter its user and pass everytime (preferably controlled by server side)?

 

Greetings.

4 REPLIES 4
r@yElr3y
Moderator

Re: Do not allow to keep cookies on Pulse SAML embedded Browser

Embedded browser will fetch/use cookies since its using the browser framework and no setting can be enabled to stop it, hence i think the best way to resolve this is to do a SINGLE LOGOUT request to the SAML IDP, but that feature is not there for pulse client connections.

PCS Expert
Pulse Connect Secure Certified Expert
r@yElr3y
Moderator

Re: Do not allow to keep cookies on Pulse SAML embedded Browser

@CQUISPE 9.1R9 Pulse Client is having SAML SLO feature.

PCS Expert
Pulse Connect Secure Certified Expert
woodyak
New Contributor

Re: Do not allow to keep cookies on Pulse SAML embedded Browser

Our company has this exact issue. I have a ticket open with support and we're struggling to figure it out. We have SAML Single Logout configured running on 9.1r10. The problem only happens with company managed Windows10 Desktop Clients. Non company managed Win10 machines work as expected. Mac and Linux work as expected. Connecting to the same Role via browser works as expected. Just putting this out there to see if anyone else is struggling with this. 

zanyterp
Moderator

Re: Do not allow to keep cookies on Pulse SAML embedded Browser

this seems to be a limitation of using SAML as the authentication is done by the backend server
please open a case with our support team for further investigation