Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Yogeshwaran Sundhararajan (yogeshwarans)
Tata Consultancy Services
Senior System Architect
Tata Consultancy Services
CA
yogeshwarans Member since 2017 1 post
Tata Consultancy Services
Posted: Jul 24, 2019
Last activity: Nov 3, 2019
Posted: 24 Jul 2019 17:17 EDT
Last activity: 3 Nov 2019 0:50 EDT
Closed

The Authentication timeout not working

I am using the SSO login for the users to login to the application. My requirement is to logoff the user after a particular idle time (for example 30 mins). I am using the authentication timeout field in the advanced tab of the access group, but the logoff session is not working. The help says the following

  • Access Group timeouts, also called authentication timeouts, are established in the Settings tab of the access group form. This setting applies only to interactive (browser-based) users. The system may challenge users who have not sent input to the server during a period, forcing them to reenter an Operator ID and password.

But it is not asking the users for their SSO login. Please Advice

Thanks in Advance,

Yogesh

***Moderator Edit-Vidyaranjan: Updated Platform Capability***

To see attachments, please log in.
Data Integration
Security

Posted: 5 years ago
Posted: 25 Jul 2019 2:08 EDT
Anuj Kumar Srivastava (Anuj Srivastava)
PEGA
Senior Solutions Consultant
Pegasystems Inc.
IN

Hi 

I am sure that timeout is happening in Pega. You can see in the URL that after timeout Pega must be sending the request to IDP for authentication. Just because IDP session is not timeout it is logging again.  What you can do it, check force authentication checkbox in advance setting in SAML SSO Rule form. It should work as expected. Force authentication will let IDP know that the session is timed out from the application. 

Thank you
Anuj

To see attachments, please log in.
Posted: 5 years ago
Posted: 31 Oct 2019 13:39 EDT
Aditya Banta (AdityaBanta)
Accenture

Accenture
SG

Hi Anuj,

This is working As Expected on IE browser (IE 11) but not on Google chrome, once the session is timed out, post refreshing the browser, the particular tab on which the user was logged in freezes.

This is not desirable as the users will not be able to proceed further within the application.

Could  you please suggest for the same?

Thanks,

Aditya

To see attachments, please log in.
Posted: 5 years ago
Posted: 27 Jul 2019 14:52 EDT
Gireesh Vetsa (GireeshV8858)
Decision Consultant Solutions
Lead System Architect & CDH Consultant
Decision Consultant Solutions
GB

If you use access group authentication time out in case of SSO or LDAP,

The behavior will be like after the specified time, the time out will happen and log off will happen in backend but you will not get redirected to the login page. But when you click on some thing on the screen like link or button, you can see the login page. This is known behavior.

You can think of using pxSessionTimer for log off which will log off the user completely and will show the login page.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice