Question
Verizon
IN
Last activity: 25 Apr 2017 13:22 EDT
Want Browser to throw an error when timeout happens and ask to re-authenticate
Timeout for Browser and Application has been set to 1800 and 300 respectively through DSS and they are seen in the SMA too. Timeout is happening as expected because Passivation is taking place. But the Browser is not throwing any error to re-authenticate the requestor.
***Updated by moderator: Lochan to add Categories***
Accepted Solution
Verizon
IN
Hi Shantini,
Raised an SR on this and as per their response the following seems to be the correct solution for this.
Set the authentication timeout value in every access group that we want to have a timeout; the other kinds of timeout do not provide a reauthentication challenge - instead, they control other things not related to authentication timeouts. Hence there's no way to do this using Pega OOTB controls other than using Access Group Authentication Timeout.
Please refer to https://community.pega.com/sites/default/files/help_v717/procomhelpmain.htm
Techmahindra
IN
Hello Sai Krishna,
Please show the screen which displays after timeout.
Also confirm your expectation on this and do you have any custom authentication service configured?
Regards,
Shanthini Charles
Verizon
IN
Hi Shantini Charles,
Expectation : After timeout of Application and/or browser the user should re-authenticate
But this is not actually happening. Normal Application screen is being displayed.
DSS Setting for Application timeout is : prconfig/timeout/Application/default is 300
DSS Setting for Application timeout is : prconfig/timeout/Browser/default is 1800
Also, <env name="initialization/settingsource" value="Merged" />
We have noticed that timeout for both Application and Browser is occurring by checking in SMA-->Advanced-->Passivation Management. PFA screen shot for this. But the user must re-authenticate his credentials, this is not happening.
Please give your inputs.
Thanks,
Saikrishna
Techmahindra
IN
Hi Saikrishna,
Can you please confirm what you mean by normal application screen? Does this system have single sign on?
Regards,
Shanthini Charles
Verizon
IN
By Normal Application I mean the requestor is able to continue with his processing in the application. This system is not a single sign on
Thanks,
Saikrishna
Techmahindra
IN
Hello Saikrishna,
Thanks for confirming. However can you confirm the PRPC version at your end?
Have you done the below steps to customize your log off screen?
To customize the application to redirect users to a custom logout page instead, a template with required logic has been provided via RULE-OBJ-HTML @BASECLASS WEB-SESSION-RETURN-TEMPLATE. Copy its contents when overriding RULE-OBJ-HTML @BASECLASS WEB-SESSION-RETURN.
This template can be copied to a ruleset visible to unauthenticated requestors and used to override Web-Session-Return.
1. Create a RuleSet for your custom rules
2. Create a new access group and add the new RuleSet to it
3. Save the copy of WEB-SESSION-RETURN-TEMPLATE.
4. Update the Requestor Type
Regards,
Shanthini Charles
Pegasystems Inc.
IN
Thanks for updating this discussion SaiKrishna!
Please let us know the SR number so that we may tag this post to connect to that SR.
Thank you!