Authentication timeouts challenge not letting user in even after supplying correct credential multiple times
We are using v 7.1.5 & weblogic server and we have configured Authentication Timeout on access group level. While testing we have given 60 seconds as timeout. After timeout pega displays authentication challenge pop-up window to re-authenticate the user but even after supplying correct credentials multiple times pega doesn't let the user in, it keeps displaying the pop-up window asking for credentials again and again. Could some one please help me resolve this issue or let me know if I am missing something here.
Accepted Solution
JPMC
US
Hi Dilip - Yes, Pega support proposed to add pxSessionTimer section inside pyPortalHeader section in the portal harness and configuring proper parameter for this section should work OOTB. Since I was on v7.1.5 and due to some code issue with pega's OOTB pxSessionTimer section I had to customize to make it work.
JPMC
US
I tried even Dynamic system settings way of session timeout by creating prconfig/timeout/application/default and prconfig/timeout/browser/default settings and restarted the server but these settings doesn't seem working at all.
Can someone pls help me with this?
JPMC
US
Hi Marty Solomon / Chunzhi Hong
Could you please help me with this issue in my first post. I tried by supplying multiple time id/pwd when asked for re-authentication pop-up window again and again for more than 5 times and then finally I got below error message on the screen. Could you please help me resolve the issue?
I am copying the error message text below-
Hi Marty Solomon / Chunzhi Hong
Could you please help me with this issue in my first post. I tried by supplying multiple time id/pwd when asked for re-authentication pop-up window again and again for more than 5 times and then finally I got below error message on the screen. Could you please help me resolve the issue?
I am copying the error message text below-
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:10.4.2 401 UnauthorizedThe request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11. |
Accepted Solution
JPMC
US
Hi Dilip - Yes, Pega support proposed to add pxSessionTimer section inside pyPortalHeader section in the portal harness and configuring proper parameter for this section should work OOTB. Since I was on v7.1.5 and due to some code issue with pega's OOTB pxSessionTimer section I had to customize to make it work.