Previously, users without a Spotfire account who tried to log in would see an "Access Denied, Contact Administrator" page. However, with Spotfire Server version 14.0.x, these users now encounter a login screen infinite loop in the browser. This issue has been observed across different browsers (Edge, Chrome), even after clearing browser cache and cookies

14.0.x

To restore the expected "Access Denied" page for unlicensed users and prevent the infinite login loop, apply the following configuration change on your Spotfire server:

1. Open an Administrative command prompt on the Spotfire server.
2. Navigate to the Spotfire Server's spotfire-bin directory. For example: cd C:\Program Files\TIBCO\Spotfire Server\version\tomcat\spotfire-bin (adjust the path according to your installation).
3. Export the current Spotfire Server configuration using the command: config export-config -f
4. Execute the following command to modify the security setting: set-config-prop --name="security.no-retry-on-post-authentication-block" --value="true"
5. Import the updated configuration back into the Spotfire Server: config import-config -c "noretry"

After applying these steps, unlicensed users attempting to access Spotfire via SSO will be presented with an "Access Denied" page, providing clear feedback instead of an unending login process.

When unlicensed users attempt to access Spotfire via Single Sign-On (SSO) using Open ID, they experience a permanent looping automatic login process instead of the expected "Access Denied, Contact Administrator" page. This behavior is consistent across all browsers.

Doc: export-config

• https://docs.tibco.com/pub/spotfire_server/latest/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/export-config.html

Doc: import-config

• https://docs.tibco.com/pub/spotfire_server/latest/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/import-config.html