Question
Virtusa Corp.
US
Last activity: 10 Dec 2018 15:28 EST
Authentication Timeout
Hi Team,
In our application we have configured authentication timeout 28800 in access group and we have below settings in prconfig.xml
<env name="timeout/browser" value="2700" />
< env name="timeout/application" value="1800" />
No session-timeout in web.xml but still user is getting prompted for user name and password after 60 mins but business wants to keep it for 8 hours. Which setting is overriding access group settings in this scenario?
Accepted Solution
Virtusa Corp.
US
SUMMARY
A user's access group is set to time out after 8 hours, but they see their session time out after 1 hour, displaying a modal window credential challenge. Putting in the user's Pega credentials does not log them back in.
ERROR MESSAGES
Not applicable.
STEPS TO REPRODUCE
- Set a user's access group timeout to over 1 hour.
- Wait one hour.
ROOT CAUSE
A defect or configuration issue in the operating environment. WebLogic has a default timeout of 1 hour if no timeout is explicitly set. After 1 hour, the WebLogic timeout is triggered, leading to the issue.
RESOLUTION
Make the following change to the operating environment: Set the WebLogic timeout in the web.xml in prweb.war (repackaging any .ear being used if neccesary):
<session-config>
<session-timeout>480</session-timeout>
</session-config>
Replace "480" with your desired WebLogic timeout, in minutes.
Pegasystems Inc.
IN
Hi,
Hi,
Are you using external authentication? If you use SSO authentication , you can verify the Authentication Service data instance for timeout setting.
Also I think you are doing right but check the below discussion for clarity
https://collaborate.pega.com/question/does-pega-timeout-sessions-based-session-timeout-setting-webxml-722
https://collaborate.pega.com/question/session-timeout-increase
Thank You
Virtusa Corp.
US
Thanks Shekhar for the reply. We are not using external authentication. I have gone through all these links and all of them are suggesting access group timeout setting is priority if we are not using external authentication but not sure which one is overriding.
Regards,
Malli
HCL
IN
Hi Shekar,
What configuration in Authentication service we need to change? I could see a filed for timeout activity, but going through many timeout OOTB activities, I could not find any configuration related to timeout in those activities. Could you please tell how we can acheive this?
Accepted Solution
Virtusa Corp.
US
SUMMARY
A user's access group is set to time out after 8 hours, but they see their session time out after 1 hour, displaying a modal window credential challenge. Putting in the user's Pega credentials does not log them back in.
ERROR MESSAGES
Not applicable.
STEPS TO REPRODUCE
- Set a user's access group timeout to over 1 hour.
- Wait one hour.
ROOT CAUSE
A defect or configuration issue in the operating environment. WebLogic has a default timeout of 1 hour if no timeout is explicitly set. After 1 hour, the WebLogic timeout is triggered, leading to the issue.
RESOLUTION
Make the following change to the operating environment: Set the WebLogic timeout in the web.xml in prweb.war (repackaging any .ear being used if neccesary):
<session-config>
<session-timeout>480</session-timeout>
</session-config>
Replace "480" with your desired WebLogic timeout, in minutes.