Log out screen missing login/user and password fields

We're HP UNIX, but I can confirm this unfortunate 'improvement' Lawson implemented with LSF 9.0.1.

In LSF 9.0.0, when you logged out, it took you back to the login screen. In LSF 9.0.1 it shows you the screen you described, forcing you to re-establish the URL to get the login screen back.

Guess we have to submit an enhancement request to get this back....

That's just plain stupid imo.

Sorry just a bit frustrated here about hearing this....but it's def not the first time.

We are in the same boat here... The fact that the login window does not appear when you hit "Logout" is a big disappointment to all of us here at Genesis Health System. Perhaps someone from here has not yet submitted the enhancement request to bring us back to the login page. I'll have to check.

Yes, it's really stupid to not include the option for user to relogin via logout screen.

It seems that I am a minority here. I like this feature and to me its an added security. We are not there yet but I wish Lawson also adds a button to close the window after a logout. We have common computers and closing the instance of IE is the surest bet the that employee cache is released.

IMHO

We stuck a very simple HTML redirect code on the logout page that sends you back to the login page after a second or two pause. Haven't had any issues with it...

Perhaps it should be a client-configurable option.

Actually, this did not occur in 9.0.1 until 9.0.1.4.  We were on 9.0.1.2 for quite a while and did not have this issue until we upgraded.  We're running on the HP Integrity server  HP-UX 11.23.  And like most of the people on here, our users did not like this so called "enhancement".  Has anyone started the enhancement request that we can all put the "me too" on?  If not, I'd be glad to start one.

Jeff

I suspect that Lawson implemented this as a workaround for a security issue that as far as I know has not been resolved.  In some cases, when a portal user signs off, and signs back on using the same browser and using a different userid, some (but not all) security checks may be performed using the prior userid rather than the new userid.  I have observed this with MSCM using DSSO and have been told by Lawson support that it can affect other applications including LBI, and that no fix was available.

This appears to be due to some kind of caching.  For this reason and others I have advised users to ignore the log out option and just close the browser window since this prevented the occurance of two known issues.

If you were to enter a new URL to re-login using the same browser or otherwise defeat this change you may encounter the above security problem, at least if the new login is for a different userid.  I have not seen any issues when logging back in using the same usierid.