HFM and Session Timeout

Similar Messages

• Webcenter Spaces internal error page and session timeout page customization

  Hi
  On what basis is an internal error page shown in webcenter spaces? What triggers it?
  Is it possible to customize the internal error page that shows up on webcenter spaces?
  Or atleast redirect to a custom error page on any exception occured?
  Is there any other way to handle it?
  Also, how to customize the session timeout page? Is it possible?
  There seems to be a servlet being called for session timeout display i dont see any page being redirected to.
  Environment details: Webcenter Spaces 11.1.1.6
  Help needed on this asap please.
  Thanks

  Hi,
  I was experiencing the same problem with customizing the session timeout page. I found out that you can set a custom webcenter attribute in the webcenter-config.xml called "wcSessionTimeoutURL" which overrides the default servlet response and redirects the the specified path.
  In my example, I created a business role page, set it to be publically accessible, then used the Red Samurai MDS Cleaner taskflow to modify the custom attributes in webcenter-config.xml in the following way:
  <webcenter:custom-attributes>
  <attribute name="wcSessionTimeoutPeriod">
  <description/>
  <type>java.lang.String</type>
  <value>45</value>
  <visible/>
  </attribute>
  *<attribute name="wcSessionTimeoutURL">*
  *<description/>*
  *<type>java.lang.String</type>*
  *<value>/faces/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/Page1.jspx</value>*
  *<visible/>*
  *</attribute>*
  </webcenter:custom-attributes>
  Hope that helps!

• PPR and session timeout cookie

  Scott,
  Is there anyway of getting the PPR functionality to update the session timeout cookie whenever a PPR request is made???
  Thanks..

  I am using your session timeout function from otn.
  I am using it to timeout after a set period of inactivity, every time the page is redrawn the cookie time is updated.
  I am calling this function from the 'Session Verify Function' field in the authentication scheme, and initially setting the cookie on login.
  I believe that the cookie only gets updated when the page is re-drawn and the Session Verify Function is run??
  On a PPR request only part of the page is refreshed, the page header remains unaffected, which means the user can be active on a page without refreshing the timeout value on the cookie?
  (Not a major problem, but would be nice to be able to update the cookie on a PPR request as well)
  Thanks..

• Session Replication and Session Timeout -- Urgent

  WLS -4.5.1 SP 11
            OS - both NT and Sol
            HI All
            The session does not seems to timeout when running the Weblogic servers in
            clustered mode with in-memory session replication on.
            This problem seems to be there in version5.1 too , as per another post , it
            seems to be solved in WLS5.1 sp 8
            Could anyone pls confirm in which patch in WLS 4.5.1 is the problem
            addressed . I'm using patch 11 and am getting the problem.
            Thanks in advance..
            -Surya
            

  Try SP13 and if the problem persists, contact [email protected]
            -K
            Surya B Maithani wrote:
            > WLS -4.5.1 SP 11
            > OS - both NT and Sol
            >
            > HI All
            >
            > The session does not seems to timeout when running the Weblogic servers in
            > clustered mode with in-memory session replication on.
            > This problem seems to be there in version5.1 too , as per another post , it
            > seems to be solved in WLS5.1 sp 8
            >
            > Could anyone pls confirm in which patch in WLS 4.5.1 is the problem
            > addressed . I'm using patch 11 and am getting the problem.
            >
            > Thanks in advance..
            >
            > -Surya
            

• ADF Faces JDev 10g Dialog framework and session timeouts

  Hi,
  using ADF Faces & BC 10.1.3.4 for a web application with a main page that opens a dialog where the uses fill out stuff and click next until complete. Occasionally they will leave the application open and the session times out and when they go to use it they get the login page inside the dialog. They login but as expected the whole state of their session is lost resulting in no or the wrong record being displayed. Additionally of they go back to the parent window the row keys are all stuffed, they get the first record in the dialog even though the record from the previous session was still shown on the screen.
  Any web developer would know to close the dialog and login properly, but this for end users of any experience level.
  Is there anyway to prevent the login screen appearing in the dialog or at least direct them to properly re-establishing the session?
  Brenden

  Hi,
  the question is how you identify that the page is loaded in a dialog window. Because if you know this then the redirect would be to a html page that has an onLoad event defined that calls window.close();. Next problem then however is that the calling parent page too is timed out.
  Frank

• What is the difference between Session timeout and Short Session timeout Under Excel Service Application -- session management?

  Under Excel Service Application --> session management; what is the difference between Session timeout and Short Session timeout?

  Any call made from the API will automatically be set to the “Session Timeout” period, no matter
  what. Calls made from EWA (Excel Web Access) will get the “Short Session Timeout” period assigned to it initially.
  Short Session Timeout and Session Timeout in Excel Services
  Short Session Timeout and Session Timeout in Excel Services - Part 2
  Sessions and session time-outs in Excel Services
  above links are from old version but still applies to all.
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Idle/session timeout vs sleeping client

  Hello,
  We will soon upgrade to WLC from 7.4.110 to 7.6.120 and find out a new feature : spleeping client.
  I was wondering the purpose of the sleeping client vs idle timeout/session timeout.
  In our case we have an idle client set to 14400 seconds (4H) and session timeout set to 28880 (8H) for web-auth SSID. Thus, even if a laptop is sleeping for 3H it will still be authenticated as the idle timeout has not been reached.
  Based on those facts, what will be the purpose of the sleeping client feature as it must be set higher than the session timeout ?
  Thanks for your support :-).

  make sure that the session timeout is greater than the client idle timeout, otherwise the sleeping client entry would not be created.
  After entering the appropriate login credentials for web-auth, the client get authenticated and moves to RUN state.
  Now if the client configured is idle for 300 seconds (default idle timeout value) or disconnects from the WLAN it is connected to, then the client will move to sleeping clients.
  Once the client is moved to the Sleeping Clients, the timeout session starts and the remaining time before the client entry is deleted/cleared is displayed.
  If the client wakes up or joins back to the same WLAN, it doesn't require re-authentication.
  the number of sleeping clients that are remembered has increased to 25000 from the previous 9000. A larger number of sleeping clients are remembered even after waking up, on the wireless network with high-scale Cisco WLCs. This eliminates the need for user intervention to re-enter credentials for a greater number of clients.

• Session Timeouts and SmbServer

  Hi,
  When having iFS mapped to a network drive (via SMB), the SMB server
  is unable to recover from a timeout of the LibrarySession. The network
  drive then seems to be empty and doing a refresh within explorer
  doesn't help either. The only thing that helps, is remapping the
  network drive.
  Within Node.log of iFS I see this stacktrace.
  7/10/02 9:02 AM SmbServer: oracle.ifs.common.IfsException
  oracle.ifs.common.IfsException: IFS-21000: Session is not connected or has timed-out
  at java.lang.Throwable.fillInStackTrace(Native Method)
  at java.lang.Throwable.fillInStackTrace(Compiled Code)
  at java.lang.Throwable.<init>(Compiled Code)
  at java.lang.Exception.<init>(Compiled Code)
  at oracle.ifs.common.IfsException.<init>(Compiled Code)
  at oracle.ifs.common.IfsException.<init>(Compiled Code)
  at oracle.ifs.common.IfsException.<init>(Compiled Code)
  at oracle.ifs.beans.LibraryObject.verifyConnected(Compiled Code)
  at oracle.ifs.beans.Folder.findPublicObjectByPath(Compiled Code)
  at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
  at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
  at oracle.ifs.protocols.smb.server.DbTree$DbQuery.<init>(Compiled Code)
  at oracle.ifs.protocols.smb.server.DbTree.getQuery(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComTrans.trans2FindFirst(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComTrans.replyTransaction2(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComTrans.process(Compiled Code)
  at oracle.ifs.protocols.smb.server.ComSmb.handleSmbMessage(Compiled Code)
  at oracle.ifs.protocols.smb.server.SmbThread.handleNbMessage(Compiled Code)
  at oracle.ifs.protocols.smb.server.SmbThread.readPackets(Compiled Code)
  at oracle.ifs.protocols.smb.server.SmbThread.run(Compiled Code)
  This behavior actually causes us big problems when editing files via MS Office.
  Fortunately Office is able to still save it's data using some generated filename.
  (At least until now I could not create any data loss)
  But then you have to close it, remap then network drive, rename the file and then
  reopen the file. This is big trouble to users, which are not familiar with mapping
  network drives and renaming files with extensions.
  Is there a way to make the SmbServer keep the LibrarySession alive, as long as
  the network drive is mapped ?
  Regards,
  Jens Lorenz

  Workflow #2:
  Login to my account
  Click view all email
  Open Drafts Folder
  Open draft email response
  Select "Send" to send email (total in session time of 30 seconds)
  On screen reload, where I would expect to see some sort of indication that my email was successfully sent, instead the system throws session time out message and kicks me out.
  I have no idea if my email was successfully sent or not.
  Workflow #3:
  Login to my account
  Click view all email
  Attempted to open the first new email in my inbox (total time in session <15 seconds)
  System throws session timeout error and kicks me out to the main login.
  There is obviously something going on with your session holding code. The session variable is not being passed correctly or something but it's very, very frustrating to spend 30-45 minutes trying to type out a couple of lines, particularly when you have multiple important activities going on that you need to respond too via email.

• Session timeout and custom sso

  Hi,
  can anyone tell me how the session and idle timeout feature in Apex exactly works?
  I built several applications in a workspace and do a sso authorization by setting a common cookie name. In addition to that i set the values for session length and idle timeout and assumed that the session length would be synchronized over all applications. But this doesn't seem to work. For instance, i set the idle timeout to 10 minutes in all applications and now i work for 15 minutes continously in application A and after that i switch over to application B (using the same session id!), the session is already expired in B.
  Is this behavior correct? And, if yes, how can i set up a synchronization over all applications?
  Jens

  Anyone?

• Hi I have two questions. I am using NAS 4.1 and was wondering is it possible to set a different session timeout for different users? How is the session timeout set? Thanks, YS

   

  <i>I am using NAS 4.1 and was wondering is it possible to set a different session timeout for different users?</i>
  Um, there is no such thing as NAS4.1.
  I'm assuming that you mean NAS4.0 (maybe NAS4.0sp1?). If so, then the session timeouts are specified in the session section of the NTV configuration files.
  AFAIK, you can specify session timeouts on a per user basis.

• Session timeout and Custon login module

  Hi,
  Dev Platform: Jdev 10.1.3.4.0, Oracle 10.2.4
  I'm trying to trap the session timeout and display a page. I'm using the code below from Frank Nimphius. I've also provided a console log of what is happening when the application times out. Instead of the filter being called the system is calling the dblogin module and attempting to login the anonymous user. I renamed the anonymous user and I just see log entries where the system attempted to find the anonymous user.
  If I use the application to logout I get a Logout page with a button to confirm the logout. When I press the button the session is invalidated and the filter code brings up my "Session Timeout" notification page. This isn't what will happen in the end but I just wanted to tell you that the filter does work in certain instances.
  How can I make the system not attempt to login the anonymous user and have the filter code run?
  TIA, Dave
  package isdbs.view.security;
  import java.io.IOException;
  import javax.servlet.Filter;
  import javax.servlet.FilterChain;
  import javax.servlet.FilterConfig;
  import javax.servlet.ServletException;
  import javax.servlet.ServletRequest;
  import javax.servlet.ServletResponse;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  public class ApplicationSessionExpiryFilter implements Filter {
      private FilterConfig _filterConfig = null;
      public void init(FilterConfig filterConfig) throws ServletException {
          _filterConfig = filterConfig;
      public void destroy() {
          _filterConfig = null;
      public void doFilter(ServletRequest request, ServletResponse response,
                           FilterChain chain) throws IOException, ServletException {
          String requestedSession =   ((HttpServletRequest)request).getRequestedSessionId();
          String currentWebSession =  ((HttpServletRequest)request).getSession().getId();
          boolean sessionOk = currentWebSession.equalsIgnoreCase(requestedSession);
          // if the requested session is null then this is the first application
          // request and "false" is acceptable
          if (!sessionOk && requestedSession != null){
              // the session has expired or renewed. Redirect request
              ((HttpServletResponse) response).sendRedirect(_filterConfig.getInitParameter("SessionTimeoutRedirect"));
          else{
              chain.doFilter(request, response);
  }Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.RealmUserAdaptor isMemberOf
  FINE: JAAS-OC4J: Membership check for group: ISDBS_USER failed for user: anonymous
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option debug = true
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option log level = log all
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option logger class = null
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option data_source_name = jdbc/elearnDS
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option user table = TBL_LOGIN
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option roles table = XREF_LOGIN_ROLE
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option username column = LOGIN_NM
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option password column = PASSWORD
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option roles column = ROLE_NM
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option user pk column = LOGIN_NM
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option roles fk column = LOGIN_NM
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option password encoding class = oracle.sample.dbloginmodule.util.DBLoginModuleClearTextEncoder
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option realm_column = null
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option application_realm = null
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] login called on DBTableLoginModule
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Calling callbackhandler ...
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Username returned by callback = null
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] User query string: select LOGIN_NM,PASSWORD, LOGIN_ATTEMPTS, ACTIVE_IND from TBL_LOGIN where lower(LOGIN_NM)= lower((?))
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Logon Successful = false
  09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Abort called on LoginModule
  Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.OC4JUtil doJAASLogin
  WARNING: Login Failure: all modules ignored
  javax.security.auth.login.LoginException: Login Failure: all modules ignored
       at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
       at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
       at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
       at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
       at oracle.security.jazn.oc4j.OC4JUtil.doJAASLogin(OC4JUtil.java:241)
       at oracle.security.jazn.oc4j.GenericUser$1.run(JAZNUserManager.java:818)
       at oracle.security.jazn.oc4j.OC4JUtil.doWithJAZNClsLdr(OC4JUtil.java:173)
       at oracle.security.jazn.oc4j.GenericUser.authenticate(JAZNUserManager.java:814)
       at oracle.security.jazn.oc4j.FilterUser.authenticate(JAZNUserManager.java:1143)
       at com.evermind.server.http.EvermindHttpServletRequest.checkAndSetRemoteUser(EvermindHttpServletRequest.java:3760)
       at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:706)
       at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
       at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:221)
       at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:122)
       at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:111)
       at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
       at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
       at java.lang.Thread.run(Thread.java:595)
  Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.GenericUser authenticate
  FINE: JAAS-OC4J: Authentication failure for user: null
  Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.RealmUserAdaptor isMemberOf
  FINE: JAAS-OC4J: Membership check for group: ISDBS_USER failed for user: anonymous

  I added an HttpSessionListener upon login here's what I get:
  09/03/31 08:21:25 Inside sessionCreated
  09/03/31 08:21:25 Before New session createb = 0
  09/03/31 08:21:25 Created session id: 854b4b95cf28ceb065d0489a31ee79c19feabb80716f6d828b77fc7044b210bf
  09/03/31 08:21:25 After New session count = 1
  At session timeout here's what I get:
  09/03/31 08:23:27 Count before destroyed = 1
  09/03/31 08:23:27 Destroyed session id: 854b4b95cf28ceb065d0489a31ee79c19feabb80716f6d828b77fc7044b210bf
  09/03/31 08:23:27 Count after destroyed = 0
  09/03/31 08:23:27 Inside sessionCreated
  09/03/31 08:23:27 Before New session createb = 0
  09/03/31 08:23:27 Created session id: 854b4b95cf28ceb065d0489a31ee79c19feabb80716f6d828b77fc7044b210bf
  09/03/31 08:23:27 After New session count = 1
  Notice that the session Id in each case is IDENTICAL. That is why the Filter code isn't doing what it is intended to do. Whay is the same session ID being created after it is destroyed? Is there a configuration parameter that controls it?
  Thanks,
  Dave

• Session Timeout and Dynamic Actions

  Did anybody ever use the Session Timeout feature in APEX successfully?
  I have set an idle session timeout and provided an url to redirect to once the session is expired: Home > Application Builder > Application nnn > Shared Components > Edit Security Attributes > Session Timeout
  It works so far during the page rendering and page processing phase. But I have major problems with dynamic actions and custom ajax requests.
  Dynamic actions will just hang and simply don't return. Even worse, when I execute the dynamic action once the session is expired, the session seems to be physically deleted and thus the next click on a tab will not redirect to the expiration page but go straight to the login page.
  Did anybody make it work or is the best way to implement a custom session timeout?
  Thanks,
  Dietmar.

  Hi All,
  Check out the Session Timeout plug-in available here:
  http://skillbuilders.com/plugins
  Let me know if that helps.
  Regards,
  Dan
  blog: http://DanielMcghan.us/
  work: http://SkillBuilders.com/APEX/

• Session Timeout and DAD Authentication

  My application uses the authentication scheme 'No authentication (using DAD)'. The users log in from an external program and the user IDs are captured in the variable remote_user. My authorization scheme checks that the user ID exists in a database table. All this seems to work fine.
  However, I need to implement a session timeout on the application. I've followed the steps described in the "Automatic Session Timeouts" utility in the Application Express Studio but when I tried to modify the authentication scheme by adding:
  return auth_pkg.check_timeout;
  to the Session Verify Function I got the following errors:
  No functional attributes may be set when page sentry function is '-DATABASE-'.
  and
  Session verification function may not be specified if page sentry function is specified.
  I'm new to Apex and I don't know where to go from here. Any advice please?
  Thanks
  Maria

  Maria,
  The usual way to do the authentication part is to use a custom page sentry function. Many examples have been posted on the forum based on the ntlm page sentry code. Search for those keywords here (ntml page sentry) and you should find it easily. Then you can modify it by adding the session timeout logic in that function.
  Scott

• Session Timeout and Url Redirect in BlazeDS?

  We have a JSF2 Webapp and Flex 4 integreated.
  Question
  1. How can we pass the parameters in web.xml to make FLEX4 redirect to login page when the session timeouts instead of giving a AMF Communication Error?
  Thanks,
  User.

  hi, i am also struggling with the same problem, have you got any solution

• Session timeout and session.invalidate() -- are they the same?

  I was just wondering when a session timeout occurs (either by setting the session-timeout in web.xml or the server's default timeout), is the session automatically invalidated? Or should we call setMaxInactiveInterval() instead? Or is calling session.invalidate() the only way to invalidate a session?

  Hello all,
  Both are same in terms of functionality, but if you use both of them like
  1: You specified the tag sessionTimeout and
  2: in your program the session.maxInactiveIntervalTime( value ) here if the value is(we gave it in terms of seconds like for 40 minutes we give 2400) then the program code will override the value previously set in web.xml
  Thanks
  Prabhakar