Session Timeouts issue massively frustrating

I am getting session timeouts when logged into my netmail & trying to compose emails. It happens constantly, sometimes immediately after logging in, sometimes 5 minutes into a session, sometimes 2 minutes into a session. It is completely random timing-wise. It kicks me all the way back out to the login and I've lost whatever I've done since the last "save to draft".
It is extremely frustrating as you can't even get a simple 10-15 line email drafted without losing work and having to log back in.
This issue appears to be intermittent as I've had this problem off and on for months now. It will happen for a while, then stop, then start happening again.
As a software developer by trade, I suspect someone is occassionally re-introducing the bug by using an old peice of code as a baseline, which then eventually gets fixed, only to have that same developer re-introduce the bug again later. I noticed this issue beginning when Verizon switched over to this newer netmail system from the old one (maybe a year or so ago?).
I'm running on IE 7, in an environment where my browser and/or network does not change so the intermittent issues can't be blamed on my environment.

Workflow #2:
Login to my account
Click view all email
Open Drafts Folder
Open draft email response
Select "Send" to send email (total in session time of 30 seconds)
On screen reload, where I would expect to see some sort of indication that my email was successfully sent, instead the system throws session time out message and kicks me out.
I have no idea if my email was successfully sent or not.
Workflow #3:
Login to my account
Click view all email
Attempted to open the first new email in my inbox (total time in session <15 seconds)
System throws session timeout error and kicks me out to the main login.
There is obviously something going on with your session holding code. The session variable is not being passed correctly or something but it's very, very frustrating to spend 30-45 minutes trying to type out a couple of lines, particularly when you have multiple important activities going on that you need to respond too via email.

Similar Messages

JSF 1.2 Session Timeout Issue

I am using using:
JSF- Sun RI (1.2)
Websphere (6.1)
Facelets (1.?)
RichFaces (3.3.2)
I am having an issue with session timeouts that shows up in two different ways:
Scenario 1) the client makes an ajax call after the session has timed out
Scenario 2) the client makes a standard request after the session has timed out - navigating to a new page
I seem to be able to address one or the other, but I can't seem to find a solution that fixes both scenarios.
For Scenario 1, I have the client-side A4J.AJAX.onExpired function defined and that is currently working for session timeouts that are discovered via an ajax request.
However, if I start making changes to try and address the other scenario, it seems to break the A4J javascript function.
For Scenario 2, I have tried a number of suggestions that I've found online:
1) I've tried to configure the error page in web.xml:
<error-page>
     <exception-type>javax.faces.application.ViewExpiredException</exception-type>
     <location>/timeout.jsf</location>
</error-page>
However, anything I seem to try around this solution still winds up with a ViewExpiredException. I've tried to have timeout.jsf redirect to the login page and I get a ViewExpiredException on the login page when the redirect happens. I've tried to just render a timeout page with a link the user can click on to go to the login page and that fails as well.
2) I've tried the phase listener and had little success too.
3) I tried a NavigationHandler
One thing I did have working, I believe, was with the phase listener approach, but I had a difficult time displaying a session timed out message upon redirect, but not the first time the user visited the page.
I'm relatively new to JSF and probably don't understand the app life cycle well enough, I guess, but is there a solution that addresses all of these issues:
1) works for AJAX calls
2) works for actual navigation
3) sends the user back to the login page with some indication as to "why", but gracefully handles the first visit to the login page (or a logout)
Thanks for any suggestions you can offer.

Sorry, but I have to disagree. Loading JavaScript at the beginning of your page would only make the page load slower (and "ruin" the user's experience when they see the page being loaded steadily) and also cause unforeseen issues than to leave it at the bottom of your page.
Big companies like Google (1999), Yahoo (2000), Oracle (2001) and many others are doing the opposite to what you have said. Look at the way they load their JavaScripts and you'll see.
It's also good practice to zip your content from the server before sending it to the client's web browser to increase performance. Of course, this will depend on whether your web browser supports methods such as gzip, deflate, etc... and whether you use HTTP or HTTPS.
Lastly, another bad practice I often see Java programmers do is write the following all over the places:
setString, setInt, setDouble, etcInstead of using an existing feature of Java to do the same in one procedure, as in:
public static void setParameters(PreparedStatement preparedStatement, Object... values)
   throws SQLException
   for (int i = 0; i < values.length; i++) {
      preparedStatement.setObject(i + 1, values);
Then just call *setParameters* whenever you need it instead of writing multiple setString, setInt, etc statements everywhere...

Dot1x session timeout issue

Hi
currently we have an issue with our new dot1x authenticated WLAN. The clients get disconnected when the session timeout expires. As I have discussed with TAC the session timeout forces the client to reauth against RADIUS but should not disassoc him (for non-dot1x-SSIDs it will actually disassoc you by design)
Each time a client is ejected the following message is produced:
May 10 09:59:20 xxx *Dot1x_NW_MsgTask_0: May 10 09:59:21.014: %DOT1X-3-INVALID_WPA_KEY_MSG_STATE: 1x_eapkey.c:848 Received EAPOL-key M2 msg has invalid information when mobile is in START state - invalid secure bit; KeyLen 24, Key type 1, client xxx
A workaround is either to:
a) Disable session timout (but we need to check for revoked certs)
b) Switch from WPA2 to WPA(1)
So far I've tested with:
- Win7 and Centrino 6205 (newest driver)
- Same laptop and some random Realtek USB-Stick
- Same laptop complete new and blank Windows install (without McAfee HIPS & AV) and both NICs
- Also an ancient LAP1231, currently this is a 3502
The interesting part is that we don't seem to have any issues with Ubuntu and Android clients and also an iPad seems to work fine. We are currently running 7.0.240.0, but I also tested with 7.4.103.6 (dev release). The ACS is runnign 5.2 and acknowledges the client fine during reassoc, but for some reason the controller disconnects him.
There are no strange messages in the Windows event log. Do you have any idea what is causing this? A collegue of mine is facing the same issue at a differen company. TAC seems to be stumped, unfortunatly.

After some months of playing with TAC we found the issue: It was wrong of TAC to suggest inceasing the EAPOL-Key Timeout. Actually you have to lower this timeout, because it initiates the retransmission of the EAPOL-key request.
It looks like Win7 changed the behavior somehow (Win XP works fine) and has a more aggressive timeout. Also the first try always fails for some reason still unknown. When the timeout is to large Win 7 diassocs before the controller has a chance to retransmit. I have lowerd the value to 400ms and increased the repeat count which keeps the clients stable again.
Case is still going on to find out why the first try to reauth fails, something with invalid MIC in M2? My current EAP settings are:
EAP-Identity-Request Timeout (seconds)........... 5
EAP-Identity-Request Max Retries................. 3
EAP Key-Index for Dynamic WEP.................... 0
EAP Max-Login Ignore Identity Response........... enable
EAP-Request Timeout (seconds).................... 5
EAP-Request Max Retries.......................... 3
EAPOL-Key Timeout (milliseconds)................. 400
EAPOL-Key Max Retries............................ 4
EAP-Broadcast Key Interval....................... 3600
This also got me thinking about the other timeouts and I decreased those as will. Take the EAP-Identity-Request Timout. If you set it to 30 seconds and the first packet ist lost somehow than the client needs to wait 30 seconds for auth, that does not make sense.
https://supportforums.cisco.com/docs/DOC-12110

Forms sessions timeout

Team,
i was asked to look over the forms sessions timeout in oracle applications.can anyone provide me some valid points and solutions regarding that.
Thanks,
aram
Edited by: aram on Jul 28, 2011 1:44 PM

Pl identify OS, database and EBS versions. Pl see these MOS Docs
Tips and Queries for Troubleshooting Forms Session Timeout Issues          [Document 402674.1]
R12: Forms Timeout More Than 2 Hrs Is Not Working After R12 Upgrade          [Document 734077.1]
How To Fix The Forms Timeout Issue In Oracle Applications 11i          [Document 269884.1]
HTH
Srini

Session Timeouts and SmbServer

Hi,
When having iFS mapped to a network drive (via SMB), the SMB server
is unable to recover from a timeout of the LibrarySession. The network
drive then seems to be empty and doing a refresh within explorer
doesn't help either. The only thing that helps, is remapping the
network drive.
Within Node.log of iFS I see this stacktrace.
7/10/02 9:02 AM SmbServer: oracle.ifs.common.IfsException
oracle.ifs.common.IfsException: IFS-21000: Session is not connected or has timed-out
at java.lang.Throwable.fillInStackTrace(Native Method)
at java.lang.Throwable.fillInStackTrace(Compiled Code)
at java.lang.Throwable.<init>(Compiled Code)
at java.lang.Exception.<init>(Compiled Code)
at oracle.ifs.common.IfsException.<init>(Compiled Code)
at oracle.ifs.common.IfsException.<init>(Compiled Code)
at oracle.ifs.common.IfsException.<init>(Compiled Code)
at oracle.ifs.beans.LibraryObject.verifyConnected(Compiled Code)
at oracle.ifs.beans.Folder.findPublicObjectByPath(Compiled Code)
at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
at oracle.ifs.protocols.smb.server.DbTree$DbQuery.<init>(Compiled Code)
at oracle.ifs.protocols.smb.server.DbTree.getQuery(Compiled Code)
at oracle.ifs.protocols.smb.server.ComTrans.trans2FindFirst(Compiled Code)
at oracle.ifs.protocols.smb.server.ComTrans.replyTransaction2(Compiled Code)
at oracle.ifs.protocols.smb.server.ComTrans.process(Compiled Code)
at oracle.ifs.protocols.smb.server.ComSmb.handleSmbMessage(Compiled Code)
at oracle.ifs.protocols.smb.server.SmbThread.handleNbMessage(Compiled Code)
at oracle.ifs.protocols.smb.server.SmbThread.readPackets(Compiled Code)
at oracle.ifs.protocols.smb.server.SmbThread.run(Compiled Code)
This behavior actually causes us big problems when editing files via MS Office.
Fortunately Office is able to still save it's data using some generated filename.
(At least until now I could not create any data loss)
But then you have to close it, remap then network drive, rename the file and then
reopen the file. This is big trouble to users, which are not familiar with mapping
network drives and renaming files with extensions.
Is there a way to make the SmbServer keep the LibrarySession alive, as long as
the network drive is mapped ?
Regards,
Jens Lorenz

Workflow #2:
Login to my account
Click view all email
Open Drafts Folder
Open draft email response
Select "Send" to send email (total in session time of 30 seconds)
On screen reload, where I would expect to see some sort of indication that my email was successfully sent, instead the system throws session time out message and kicks me out.
I have no idea if my email was successfully sent or not.
Workflow #3:
Login to my account
Click view all email
Attempted to open the first new email in my inbox (total time in session <15 seconds)
System throws session timeout error and kicks me out to the main login.
There is obviously something going on with your session holding code. The session variable is not being passed correctly or something but it's very, very frustrating to spend 30-45 minutes trying to type out a couple of lines, particularly when you have multiple important activities going on that you need to respond too via email.

Session Timeout Alert text is not getting displayed on web ui.

Hello,
In "Session Timeout Alert" pop up we are facing one issue. The pop up is getting displayed as per the value in rdisp/plugin_auto_logout parameter i.e. 1800. But the text is not getting displayed.
I have implemented the SAP Note 1877120 also. Any inputs to resolve this issue.
Thanks.

Hi Sigrid,
When we do pre activities related to OTR, need to save it in standard name space only ? could you guide me pls.
in the below we have Alias and package are standard.
1.) There are 4 texts which needs to be configured via SOTR_EDIT to get the translation according your languages implemented in your CRM.
a.) Start doing it by opening transaction SOTR_EDIT.
b.) Change to the language you would like to use.
c.) As ALIAS enter first CRM_IC_CMP_FRAME/SESSION_PING_TITLE. Click on Create and confirm the following dialogues.
d.) Enter CRM_IC_CMP_FRAME as package and the object type as WAPP.
e.) Finally enter the translation according your language from the english version (length of text: 25):
"Session Timeout Alert !"
f.) Save you changes
Repeat the steps a.) to f.) with the following aliases and options:
Jimmi

OAM Session timeout

Hi All,
I have the following set up configured.
1)Deployed a web application in a plain(non oim suite related) weblogic domain
2)Installed OHS,OAM,OIM and OUD
3)Configured OHS,OAM,OIM and OUD for SSO in OAM with the external URL from the independent weblogic domain
4)Independent Weblogic domain is configured with OAMIdentityAsserter and OUD Authentication provider
My query is as below.
I have the session time out value configured as 600(seconds) in weblogic.xml of the web application.
Now when the access the web application through OHS SSO URL, the session is not waiting for 600 seconds to timeout,but getting invalidated in around 30 seconds.
How to resolve this issue.
Please advice.
I have the following configured in OHS proxy.
<Location /bc>
SetHandler weblogic-handler
WebLogicHost ZZZZZZ.oracle.com
WebLogicPort 9001
</Location>
firebug show the following URL getting hit just after the session invalidation http://ZZZZZ.com/oam/server/obrareq.cgi?encquery%3DHBGRZNUhr5Ucxs
and the following error gets logged in oam server
"Session invalid as returned by CHECK_VALID_SESSION_RESPONSE responseEvent fail>"
Kindly suggest.
Thanks,
Praveen

Verify whats session timeout value present in below config:
http://docs.oracle.com/cd/E27559_01/admin.1112/e27239/session.htm#AIAAG354
To edit the OAM common session settings:
Log in to Oracle Access Manager.
Click System Configuration.
From the Common Configuration panel, double-click Common Settings.
In the Session area:
In Session Lifetime, increase the current value.
In IdleTimeout (minutes), increase the current value.
Click Apply.
~J

Svn with Apache Timeout issue

Hello Archers,
I've set up an svn Server with Apache folloing your wiki on my raspberry pi.
https://wiki.archlinux.org/index.php/LAMP
https://wiki.archlinux.org/index.php/Subversion_Setup
Unfortunately I get errors when I try to commit several files (15 or so). I think it is a timeout issue, however I don't know where to specify the timeout in the httpd.conf (or httpd-ssl.conf)
This is a client error message:
Commit failed (details follow):
Unexpected end of svndiff Input
And this the corresponding server side log:
[date] [dav:error] [pid 448:tid 2854220848] (70007)The timeout specified has expired: [client 192.168.178.55:63819] Timeout reading the body (URI: /Dokumente/!svn/txr/9-q/Music/myfile.mp3) [408, #0]
[date] [dav:error] [pid 448:tid 2854220848] [client 192.168.178.55:63819] mod_dav_svn close_stream: error closing write stream [500, #185004]
[date] [dav:error] [pid 448:tid 2854220848] [client 192.168.178.55:63819] Unexpected end of svndiff input [500, #185004]
I assume it is some error like this: http://subversion.apache.org/faq.html#s … -truncated
I think I don't have specified the timeouts correctly, since I haven't found the default option.
tl:dr
Do you know how to set the timeouts in the apache configuration file?
I very much appreciate your help.
arch on pi
Here are my configuration Files with my position for the timeout order:
httpd-ssl.conf:
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailed information about these
# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Required modules: mod_log_config, mod_setenvif, mod_ssl,
# socache_shmcb_module (for default value of SSLSessionCache)
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#SSLRandomSeed startup file:/dev/random 512
SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
SSLRandomSeed connect file:/dev/urandom 512
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
Listen 443
## SSL Global Context
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
# Speed-optimized SSL Cipher configuration:
# If speed is your main concern (on busy HTTPS servers e.g.),
# you might want to force clients to specific, performance
# optimized ciphers. In this case, prepend those ciphers
# to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
# Caveat: by giving precedence to RC4-SHA and AES128-SHA
# (as in the example below), most connections will no longer
# have perfect forward secrecy - if the server's key is
# compromised, captures of past or future traffic must be
# considered compromised, too.
#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
#SSLHonorCipherOrder on
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is an internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
#SSLSessionCache "dbm:/run/httpd/ssl_scache"
SSLSessionCache "shmcb:/run/httpd/ssl_scache(512000)"
SSLSessionCacheTimeout 6000
## SSL Virtual Host Context
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/mnt/sda1/svn"
ServerName 192.168.178.48:443
ServerAdmin [email protected]
ErrorLog "/var/log/httpd/error_log"
TransferLog "/var/log/httpd/access_log"
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
# require an ECC certificate which can also be configured in
# parallel.
SSLCertificateFile "/etc/httpd/conf/server.crt"
#SSLCertificateFile "/etc/httpd/conf/server-dsa.crt"
#SSLCertificateFile "/etc/httpd/conf/server-ecc.crt"
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
# ECC keys, when in use, can also be configured in parallel
SSLCertificateKeyFile "/etc/httpd/conf/server.key"
#SSLCertificateKeyFile "/etc/httpd/conf/server-dsa.key"
#SSLCertificateKeyFile "/etc/httpd/conf/server-ecc.key"
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convenience.
#SSLCertificateChainFile "/etc/httpd/conf/server-ca.crt"
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath "/etc/httpd/conf/ssl.crt"
#SSLCACertificateFile "/etc/httpd/conf/ssl.crt/ca-bundle.crt"
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded).
# The CRL checking mode needs to be configured explicitly
# through SSLCARevocationCheck (defaults to "none" otherwise).
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath "/etc/httpd/conf/ssl.crl"
#SSLCARevocationFile "/etc/httpd/conf/ssl.crl/ca-bundle.crl"
#SSLCARevocationCheck chain
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# TLS-SRP mutual authentication:
# Enable TLS-SRP and set the path to the OpenSSL SRP verifier
# file (containing login information for SRP user accounts).
# Requires OpenSSL 1.0.1 or newer. See the mod_ssl FAQ for
# detailed instructions on creating this file. Example:
# "openssl srp -srpvfile /etc/httpd/conf/passwd.srpv -add username"
#SSLSRPVerifierFile "/etc/httpd/conf/passwd.srpv"
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/srv/http/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is sent or allowed to be received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog "/var/log/httpd/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
#SSLSessionTimeout 5m
Timeout 600000
<Location />
DAV svn
SVNParentPath /mnt/sda1/svn/repos
AuthzSVNAccessFile /home/svn/.svn-policy-file
AuthName "SVN Repositories"
AuthType Basic
AuthUserFile /home/svn/.svn-auth-file
# Satisfy Any
Require valid-user
</Location>
</VirtualHost>
httpd.conf
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/access_log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
# will be interpreted as '/logs/access_log'.
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
ServerRoot "/etc/httpd"
Timeout 60000
# Mutex: Allows you to set the mutex mechanism and mutex file directory
# for individual mutexes, or change the global defaults
# Uncomment and change the directory if mutexes are file-based and the default
# mutex file directory is not on a local disk or is not appropriate for some
# other reason.
# Mutex default:/run/httpd
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
Listen 80
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#nach fehlermeldung
LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#Felhermeldung undefined symbols
LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#nach Fehlermeldung
LoadModule cache_socache_module modules/mod_cache_socache.so
#nochne Fehlermeldung
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule watchdog_module modules/mod_watchdog.so
#LoadModule macro_module modules/mod_macro.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule echo_module modules/mod_echo.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule data_module modules/mod_data.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule reflector_module modules/mod_reflector.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule deflate_module modules/mod_deflate.so
#LoadModule xml2enc_module modules/mod_xml2enc.so
#LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule mime_module modules/mod_mime.so
#LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule logio_module modules/mod_logio.so
#LoadModule lua_module modules/mod_lua.so
LoadModule env_module modules/mod_env.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_crypto_module modules/mod_session_crypto.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
#Fuer die cipher suite
LoadModule ssl_module modules/mod_ssl.so
#LoadModule dialup_module modules/mod_dialup.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule heartbeat_module modules/mod_heartbeat.so
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
#1 for svn
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule asis_module modules/mod_asis.so
#LoadModule info_module modules/mod_info.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule cgi_module modules/mod_cgi.so
#2 for svn
LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule dav_lock_module modules/mod_dav_lock.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
#LoadModule imagemap_module modules/mod_imagemap.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
#3 for svn
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
<IfModule unixd_module>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User http
Group http
</IfModule>
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName www.example.com:80
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
<Directory />
AllowOverride none
Require all denied
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/mnt/sda1"
#<Directory "/mnt/sda1/svn/repos">
# # Possible values for the Options directive are "None", "All",
# # or any combination of:
# # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# # Note that "MultiViews" must be named *explicitly* --- "Options All"#
# # doesn't give it to you.
# # The Options directive is both complicated and important. Please see
# # http://httpd.apache.org/docs/2.4/mod/core.html#options
# # for more information.#
# Options Indexes FollowSymLinks
# # AllowOverride controls what directives may be placed in .htaccess files.
# # It can be "All", "None", or any combination of the keywords:
# # AllowOverride FileInfo AuthConfig Limit
# AllowOverride None
# # Controls who can get stuff from this server.
# Require all granted
#</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<Files ".ht*">
Require all denied
</Files>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "/var/log/httpd/error_log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "/var/log/httpd/access_log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "/var/log/httpd/access_log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock cgisock
</IfModule>
# "/srv/http/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/srv/http/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig conf/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#EnableMMAP off
#EnableSendfile on
# Supplemental configuration
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
#Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
# Configure mod_proxy_html to understand HTML4/XHTML1
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
# Secure (SSL/TLS) connections
Include /etc/httpd/conf/extra/httpd-ssl.conf
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
# uncomment out the below to deal with user agents that deliberately
# violate open standards by misusing DNT (DNT *must* be a specific
# end-user choice)
#<IfModule setenvif_module>
#BrowserMatch "MSIE 10.0;" bad_DNT
#</IfModule>
#<IfModule headers_module>
#RequestHeader unset DNT env=bad_DNT
#</IfModule>
Edit: inserted tl;dr
Last edited by arch_on_pi (2014-05-18 21:33:24)

Remember that Arch Arm is a different distribution, but we try to bend the rules and provide limited support for them. This may or may not be unique to Arch Arm, so you might try asking on their forums as well.

Session Timeout Thoughts

I saw a post from awhile ago that you can't change the session timeout in iTunes U. Is this still true?
Our users are having timeout issues and we have an unfortunately lengthy login process to get back into iTunes U so I had some thoughts on the Site Login URL.
We use a portal to authenticate our users who then click an SSO link to take them to a jump page that assembles their credentials and generates an SSO link into iTunes U. I'd really like to avoid having to go back through the portal to get users back into iTunes.
What if, instead of passing just the destination back to the site login URL, iTunes U passed a full SSO link. This way, I can just point my site login URL to the jump page. The jump page can then parse the SSO link to verify the user's credentials and just create a new SSO link right back into iTunes U, almost transparently to the users.
Are there any better options to solve this problem? I know this would require some modification on the iTunes U side, but it seems like it'd solve some problems.
Thanks
Jason

Hi Jason,
I don't think I did a good job at explaining what I'm trying to get at. Sorry, let me try another way.
The problem is not one of security necessarily. If you get a signature back from Apple, sure, your jump site can verify that Apple sent you warnings about sessions that are about to timeout. The problem is that Apple cannot distinguish our local users from the identity and credentials we send. It might seem that way in specific instances (because some sites have an elaborate identity/credentialling scheme), but it is not true in the general case. It is entirely possible that scores of people can share exactly the same identity/credential info ... that is totally legal in the iTunes U world (and why I urge people not to think of "users" and "accounts" whenever they think iTunes U). For example, lessay I have a site that has a very simple credentialling scheme, say ...
Administrator@urn:mace:itunesu.com:sites:uic.edu
Instructor@urn:mace:itunesu.com:sites:uic.edu
Student@urn:mace:itunesu.com:sites:uic.edu
Authenticated@urn:mace:itunesu.com:sites:uic.edu
Unauthenticated@urn:mace:itunesu.com:sites:uic.edu
All@urn:mace:itunesu.com:sites:uic.edu
Further, let's say that I "anonymize" my users by sending no identity info to Apple. So if Apple sends my jump site the following:
credentials=Student@urn:mace:itunesu.com:sites:uic.edu
identity=
time=123456789
signature=stringwith_bunch_ofhex
which one of my local users does that belong to? ... whose session should I recredential? Sure, you can make a complex credentialling scheme that narrows usage down to the specific person ... but I would urge you to think of credentials as a kind of "hall pass" ... a token that lets you into a specific place within iTunes U ... and not as a way to identify someone. Remember that Apple has to use a system that applies in the general case and what I have above is totally legal. If I want, I can obfuscate my users to be certain that only -I- know who's accessing iTunes U.
Recall, too, the way that iTunes U is setup. Your transfer CGI sends a URL to Apple and Apple sends you back loads of HTML/JavaScript/CSS in return. Your transfer CGI passes all of it back to the end user. The heart of the HTML Apple sends is this itmss: redirect:
itmss://deimos.apple.com/WebObjects/Core.woa/BrowsePrivately/uic.edu?
credentialKey=1474615910&identity=2253747564656e7422203c5374756
4656e74407569632e6564753e202853747564656e7429205b305d&time=
1203747692&signature=32d169daa7a282f8c7efa7d4f7f7fb0dceaac507c26
f205123473f09d6b9ef50&x=true&ignore.mscache=8974210
That is how Apple talks to your end users. The session is private ... between Apple and your end users. The only way for you to know which session belongs to which local user is for Apple to send you that itmss link and say, in effect, "the session associated with this link is about to time out". Your jump site would have to maintain a connection between itmss links, your local users, and the credentials associated with both. But if your site is -already- caching local user/credential info, there is no need for Apple to send your creds/identity back to you.
As ever, if my understanding is itself cloudy, I bow to Duncan. He knows all and I am happy to be corrected. Like you guys, I am here to learn.

Session Timeout Alert + login page has changed

Hello,
We recently updated our SAP CRM 7.0 from EHP1 to EHP3.
Since than we get this "Session Timeout Alert" error and it is very annoying.
I've changed the rdisp/plugin_auto_logout parameter to 7200 s but the session is still ending after about 10min.
On EHP1 we didn't had this problem.
Also it seems that the login page has changed because the username and password is not saved anymore and we need to introduce them every time we log in.
Please help to solve these problems.
Thanks!

Hi Sudhir,
My issue is also not solved!
The server restart was only another possible solution.
Very annoying!
Still searching....
BR

"Session Timeout" on WebMail Today on a Win7 NetBook!!^$*^%^*#(*

I'm generally a low-maintenance Verizon home phone and dsl client but this is a major PITA. Wondering if it's my OS or browsers or the crappy new netmail site is just not working today.
Get the "Session Timeout" on everything associated with mail. Can access my home phone and dsl account profiles but zip on netmail on the "new" or even "classic" views. Get the pop-up to log back in and I do so, but NADA. Cleared cookies and history frlom both Firefox and IE8 and restarted. Disabled Norton 360. Nothing works.
I don't access netmail often, but I am on a biz trip this week. It's not the server. I can send/receive on this account on both an iPhone and the work Blackberry and just did test msgs on both a few minutes ago. But I need the netbook to send a couple of large word and excel files.
So for my 1st post I am thinking about raising the **bleep** flag on Verizon since 2 calls and a chat runaround got me nowhere today. They are basically indifferent or uninformed.
So are there any issues with Win7 (mine is still the starter version on the netbook) or is the site just down today? Or am I an idiot missing something that's very obvious ? Which is entirely possible.
Trout

I have been having the same problem. Never happened until a few months ago, and now happens all the time - once it times out once, that's it for the rest of the day, every subsequent login is immediately logged out again.
Can anyone explain to me the purpose of having "the community" ask each other how to solve this problem, when clearly it is a Verizon website issue?

Session Timeout - Process as a webservice

Hi ,
I am using ALBPM v5.7.
In this we are exposing our process as webservice.
We are Invoking these webservice methods from portal deployed in BEA Weblogic Server,
The procedure we are following is , starting the session and then invoking our methods -- method1 and method2.
But , After invoking method1, In the portal, we are waiting for five minutes and then trying to invoke method2 of BPM using the same session,
When we do this, It is throwing an exception,
Invalid Session.
We observed that if we invoke method2 before five minutes then it is working fine.
So do we have any session timeout for the BPM Process, when we expose our process as a webservice.
If so , could you please help me in resolving this issue?
Thanks & Regards,
Krishnaveni.

Just input paramters inside the Begin Activity...
Right Click on the Process and open Process Web-Service and add a Web-Service to it..
Then start the engine in Studio..
And then click on Launch Deployed WebServices Webapp..
And you would get the endpoint..

Session Timeouts accessing data from Xcelsius

I am running Business Objects XI R2 SP2 and running Xcelsius 2008 FP1.
Basically within my models i use LiveOffice to refresh the initial data used within the models and then I use QaaWS to use certain drill through parameters to retrieve more detailed information.
All this works fine and returns all the data i need, but i get session errors when accessing the models from Infoview.
When i log into Infoview, i can run 1 model fine and do all the necessary refreshes and further drill downs without any trouble, but when i close the model down and try to go into the next model i get the following error message;
Your webintelligence session has timeed out WIS: 30553.
NOw i have updated all the setting i know of eg;
1) Webi report server timeout in server properties
2) Configured the command line of the webi report server in CCM to include the timeout parameter.
3) Web.xml file has been amended to increase the session timout
4) Web.xml file has been amended to uncomment the listener settings
5) i have even updated the session timeout on the Tomcat server (tomcat\conf\web.xml)
Has anyone any other ideas as i can not access the models.
I know this is not related to Webi reports, as i can fresh reports and open up other reports without any issues, so i think it must be related to Xcelsius in soem way.
Any help will be gratefully received.
Anthony
Edited by: Anthony Jones on Mar 12, 2009 12:32 PM

Hey thanks a lot your code worked!!
     I wrote it in my procedure and ran it through my job.Its working as needed now.
     I analysed what your code does. Let me know if I'm right or wrong
     The view apex_activity_log is based on query like
     SELECT * FROM wwv_flow_activity_log
WHERE security_group_id = (SELECT wwv_flow.get_sgid
FROM DUAL
WHERE ROWNUM = 1);
What i understand is when i run query in toad it gets null value in above where clause so my below query doesnot retrieve any data.
     But when i set security_group_id it gets some value through wwv_flow.get_sgid and my query retrieves the data for my app_id
     SELECT l.userid,
a.application_name,
l.step_id page_no,
l.TIME_STAMP,
l.ir_report_id,
l.elap,
l.session_id,
l.ip_address
FROM apex_activity_log l, apex_applications a
WHERE l.flow_id = a.application_id
AND l.flow_id = 200; --app_id
Can u pls explain me what is security_group_id and its significance??Are workspace_id and security_group_id same??

ISE 1.1 - switch ignores "Session-Timeout"

hi all,
I'm playing around with ISE guest service and have some difficulty with Time Profiles.
After guest logs in, Radius attributes are sent to the switch (3750G) one of them is Session-Timeout which should be similar to 1h (DefaultOneHour)
According to ISE logs and switch debugs, ISE did it well and this attribute was sent but it seems that the switch simply ignores it.
May 24 07:03:11.658: %SEC-6-IPACCESSLOGP: list ACL-DEFAULT denied udp 10.1.100.194(1029) -> 10.1.100.2(389), 1 packet19:46:57: RADIUS: COA received from id 36 10.1.100.6:64700, CoA Request, len 18319:46:57: RADIUS/DECODE: parse unknown cisco vsa "reauthenticate-type" - IGNORE19:46:57: RADIUS/ENCODE(00000000):Orig. component type = Invalid19:46:57: RADIUS(00000000): sending19:46:57: RADIUS(00000000): Send CoA Ack Response to 10.1.100.6:64700 id 36, len 3819:46:57: RADIUS: authenticator 0B 30 6E 9B DF 97 0D A0 - D9 8B A5 5A 11 39 3E 4119:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   11 42 82 E2 52 68 DF 28 CD 43 AE 88 0C 5D 91 10            [ BRh(C]]19:46:57: RADIUS/ENCODE(00000026):Orig. component type = Dot1X19:46:57: RADIUS(00000026): Config NAS IP: 0.0.0.019:46:57: RADIUS(00000026): Config NAS IPv6: ::19:46:57: RADIUS/ENCODE(00000026): acct_session_id: 2719:46:57: RADIUS(00000026): sending19:46:57: RADIUS/ENCODE: Best Local IP-Address 10.1.100.1 for Radius-Server 10.1.100.619:46:57: RADIUS(00000026): Send Access-Request to 10.1.100.6:1812 id 1645/25, len 26719:46:57: RADIUS: authenticator 6D 92 DC 77 87 47 DA 8E - 7D 6B DD DD 18 BE DC 3319:46:57: RADIUS: User-Name           [1]   14 "0016d329042f"19:46:57: RADIUS: User-Password       [2]   18 *19:46:57: RADIUS: Service-Type        [6]   6   Call Check                [10]19:46:57: RADIUS: Vendor, Cisco       [26] 31 19:46:57: RADIUS:   Cisco AVpair       [1]   25 "service-type=Call Check"19:46:57: RADIUS: Framed-IP-Address   [8]   6   10.1.100.194 19:46:57: RADIUS: Framed-MTU          [12] 6   1500 19:46:57: RADIUS: Called-Station-Id   [30] 19 "00-24-F9-2D-83-87"19:46:57: RADIUS: Calling-Station-Id [31] 19 "00-16-D3-29-04-2F"19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   AD EB 99 4A F2 B9 4E BB 2E B3 E2 04 BE 5B 0C 72             [ JN.[r]19:46:57: RADIUS: EAP-Key-Name        [102] 2   *19:46:57: RADIUS: Vendor, Cisco       [26] 49 19:46:57: RADIUS:   Cisco AVpair       [1]   43 "audit-session-id=0A01280100000016043E0D23"19:46:57: RADIUS: NAS-Port-Type       [61] 6   Ethernet                  [15]19:46:57: RADIUS: NAS-Port            [5]   6   50107 19:46:57: RADIUS: NAS-Port-Id         [87] 22 "GigabitEthernet1/0/7"19:46:57: RADIUS: Called-Station-Id   [30] 19 "00-24-F9-2D-83-87"19:46:57: RADIUS: NAS-IP-Address      [4]   6   10.1.100.1 19:46:57: RADIUS(00000026): Sending a IPv4 Radius Packet19:46:57: RADIUS(00000026): Started 5 sec timeout19:46:57: RADIUS: Received from id 1645/25 10.1.100.6:1812, Access-Accept, len 27219:46:57: RADIUS: authenticator F1 5F 57 72 FD 80 95 20 - 46 47 B5 CE DF 63 6E 1A19:46:57: RADIUS: User-Name           [1]   19 "[email protected]"19:46:57: RADIUS: State               [24] 40 19:46:57: RADIUS:   52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 30 41 [ReauthSession:0A]19:46:57: RADIUS:   30 31 32 38 30 31 30 30 30 30 30 30 31 36 30 34 [0128010000001604]19:46:57: RADIUS:   33 45 30 44 32 33            [ 3E0D23]19:46:57: RADIUS: Class               [25] 49 19:46:57: RADIUS:   43 41 43 53 3A 30 41 30 31 32 38 30 31 30 30 30 [CACS:0A012801000]19:46:57: RADIUS:   30 30 30 31 36 30 34 33 45 30 44 32 33 3A 69 73 [00016043E0D23:is]19:46:57: RADIUS:   65 2F 31 32 34 30 33 36 37 39 31 2F 32 39 37   [ e/124036791/297]19:46:57: RADIUS: Session-Timeout     [27] 6   2940 19:46:57: RADIUS: Termination-Action [29] 6   0 19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   26 46 2C B6 75 95 AF 37 E6 3B B1 CB F2 70 E0 8D           [ &F,u7;p]19:46:57: RADIUS: Vendor, Cisco       [26] 72 19:46:57: RADIUS:   Cisco AVpair       [1]   66 "ACS:CiscoSecure-Defined-ACL=#ACSACL#-IP-Contractors-ACL-4fbcd736"19:46:57: RADIUS: Vendor, Cisco       [26] 42 19:46:57: RADIUS:   Cisco AVpair       [1]   36 "profile-name=Microsoft-Workstation"19:46:57: RADIUS(00000026): Received from id 1645/2519:46:57: RADIUS/DECODE: parse unknown cisco vsa "profile-name" - IGNOREMay 24 07:03:19.132: %MAB-5-SUCCESS: Authentication successful for client (0016.d329.042f) on Interface Gi1/0/7 AuditSessionID 0A01280100000016043E0D23May 24 07:03:19.132: %AUTHMGR-7-RESULT: Authentication result 'success' from 'mab' for client (0016.d329.042f) on Interface Gi1/0/7 AuditSessionID 0A01280100000016043E0D23May 24 07:03:19.140: %EPM-6-POLICY_REQ: IP 10.1.100.194| MAC 0016.d329.042f| AuditSessionID 0A01280100000016043E0D23| AUTHTYPE DOT1X| EVENT APPLYMay 24 07:03:19.165: %EPM-6-AAA: POLICY xACSACLx-IP-Contractors-ACL-4fbcd736| EVENT DOWNLOAD-REQUEST19:46:57: RADIUS/ENCODE(00000000):Orig. component type = Invalid19:46:57: RADIUS(00000000): Config NAS IP: 0.0.0.019:46:57: RADIUS(00000000): sending19:46:57: RADIUS/ENCODE: Best Local IP-Address 10.1.100.1 for Radius-Server 10.1.100.619:46:57: RADIUS(00000000): Send Access-Request to 10.1.100.6:1812 id 1645/26, len 14419:46:57: RADIUS: authenticator 1A 52 18 C5 25 A7 5C DC - 29 C9 5C 7C C5 B3 FC 5819:46:57: RADIUS: NAS-IP-Address      [4]   6   10.1.100.1 19:46:57: RADIUS: User-Name           [1]   38 "#ACSACL#-IP-Contractors-ACL-4fbcd736"19:46:57: RADIUS: Vendor, Cisco       [26] 32 19:46:57: RADIUS:   Cisco AVpair       [1]   26 "aaa:service=ip_admission"19:46:57: RADIUS: Vendor, Cisco       [26] 30 19:46:57: RADIUS:   Cisco AVpair       [1]   24 "aaa:event=acl-download"19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   2B 6B 13 37 0D 25 11 E9 6A 56 35 D8 91 9F EF F0           [ +k7?jV5]19:46:57: RADIUS(00000000): Sending a IPv4 Radius Packet19:46:57: RADIUS(00000000): Started 5 sec timeoutMay 24 07:03:19.191: %SEC-6-IPACCESSLOGP: list ACL-DEFAULT denied tcp 10.1.100.194(2125) -> 10.1.100.6(8443), 1 packet19:46:57: RADIUS: Received from id 1645/26 10.1.100.6:1812, Access-Accept, len 35919:46:57: RADIUS: authenticator 31 B0 73 93 CA 0E 5C 7C - 11 29 AA 57 6C A1 53 D819:46:57: RADIUS: User-Name           [1]   38 "#ACSACL#-IP-Contractors-ACL-4fbcd736"19:46:57: RADIUS: State               [24] 40 19:46:57: RADIUS:   52 65 61 75 74 68 53 65 73 73 69 6F 6E 3A 30 61 [ReauthSession:0a]19:46:57: RADIUS:   30 31 36 34 30 36 30 30 30 30 30 30 35 44 34 46 [0164060000005D4F]19:46:57: RADIUS:   42 44 44 44 33 37            [ BDDD37]19:46:57: RADIUS: Class               [25] 49 19:46:57: RADIUS:   43 41 43 53 3A 30 61 30 31 36 34 30 36 30 30 30 [CACS:0a016406000]19:46:57: RADIUS:   30 30 30 35 44 34 46 42 44 44 44 33 37 3A 69 73 [0005D4FBDDD37:is]19:46:57: RADIUS:   65 2F 31 32 34 30 33 36 37 39 31 2F 32 39 38   [ e/124036791/298]19:46:57: RADIUS: Termination-Action [29] 6   1 19:46:57: RADIUS: Message-Authenticato[80] 18 19:46:57: RADIUS:   80 EF 5B 80 76 F1 C9 37 0B 25 34 37 10 57 CC 44          [ [v7?47WD]19:46:57: RADIUS: Vendor, Cisco       [26] 47 19:46:57: RADIUS:   Cisco AVpair       [1]   41 "ip:inacl#1=permit udp any any eq domain"19:46:57: RADIUS: Vendor, Cisco SW3750-1# [26] 48 19:46:57: RADIUS:   Cisco AVpair       [1]   42 "ip:inacl#2=permit ip any host 10.1.100.6"19:46:57: RADIUS: Vendor, Cisco       [26] 57 19:46:57: RADIUS:   Cisco AVpair       [1]   51 "ip:inacl#3=deny ip any 10.0.0.0 0.255.255.255 log"19:46:57: RADIUS: Vendor, Cisco       [26] 36 19:46:57: RADIUS:   Cisco AVpair       [1]   30 "ip:inacl#4=permit ip any any"19:46:57: RADIUS(00000000): Received from id 1645/26May 24 07:03:19.216: %EPM-6-AAA: POLICY xACSACLx-IP-Contractors-ACSW3750-1#SW3750-1#SW3750-1#L-4fbcd736| EVENT DOWNLOAD-SUCCESSMay 24 07:03:19.216: %EPM-6-POLICY_APP_SUCCESS: IP 10.1.100.194| MAC 0016.d329.042f| AuditSessionID 0A01280100000016043E0D23| AUTHTYPE DOT1X| POLICY_TYPE Named ACL| POLICY_NAME xACSACLx-IP-Contractors-ACL-4fbcd736| RESULT SUCCESSMay 24 07:03:20.147: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (0016.d329.042f) on Interface Gi1/0/7 AuditSessionID 0A01280100000016043E0D2319:46:58: RADIUS/ENCODE(00000026):Orig. component type = Dot1X19:46:58: RADIUS(00000026SW3750-1#SW3750-1#SW3750-1#SW3750-1#): Config NAS IP: 0.0.0.019:46:58: RADIUS(00000026): Config NAS IPv6: ::19:46:58: RADIUS/ENCODE: Best Local IP-Address 10.1.100.1 for Radius-Server 10.1.100.619:46:58: RADIUS(00000026): Sending a IPv4 Radius Packet19:46:58: RADIUS(00000026): Started 5 sec timeout19:46:58: RADIUS: Received from id 1646/35 10.1.100.6:1813, Accounting-response, len 38SW3750-1#
SW3750-1#sh authe sess int g 1/0/7 Interface: GigabitEthernet1/0/7 MAC Address: 0016.d329.042f IP Address: 10.1.100.194 User-Name: [email protected] Status: Authz Success Domain: DATA Security Policy: Should Secure Security Status: Unsecure Oper host mode: multi-auth Oper control dir: both Authorized By: Authentication Server Vlan Group: N/A ACS ACL: xACSACLx-IP-Contractors-ACL-4fbcd736 Session timeout: N/A Idle timeout: N/A Common Session ID: 0A01280100000016043E0D23 Acct Session ID: 0x0000001B Handle: 0x2F000017Runnable methods list: Method   State mab      Authc Success dot1x    Not runSW3750-1#
Has anyone encountered similar thing?
I tried 12.2(58) and now Im testing
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 15.0(1)SE2, RELEASE SOFTWARE (fc3)
but in both cases it is similar.
regards
Przemek

Hi Sebastian,
thx a lot those 2 commands solved the issue, my mistake. Now I can see remaining time for the session
SW3750-1#sh auth sess int g1/0/7 Interface: GigabitEthernet1/0/7 MAC Address: 0016.d329.042f IP Address: 10.1.100.194 User-Name: [email protected] Status: Authz Success Domain: DATA Security Policy: Should Secure Security Status: Unsecure Oper host mode: multi-auth Oper control dir: both Authorized By: Authentication Server Vlan Group: N/A ACS ACL: xACSACLx-IP-Contractors-ACL-4fbcd736 Session timeout: 28800s (server), Remaining: 28780s Timeout action: Terminate Idle timeout: N/A Common Session ID: 0A012801000000221DE0F555 Acct Session ID: 0x0000002B Handle: 0x99000023Runnable methods list: Method   State mab      Authc Success dot1x    Not run
regards
Przemek

In APEX clicking the hyper link doesn't trigger session timeout page

Hi All,
I have a question about the session time out in APEX application. I have created a simple APEX application. In the SQL report region section, i have code like this:
SELECT DOC_Name, DOC_URL,
'<a href="' || DOC_URL || ' target="_blank"/">Download file</a>' pdf_link
FROM test_table
where emp_number =00010001
When user clicks on the hyper link, it will display the destination page to user(for example if DOC_URL = 'http://forums.oracle.com', it will display the oracle forum page in a new browser).
But the issue is that, after user's session timeout (I set for 240 seconds through Shared Components>Edit Security Attributes, i set max the session timeout for example 240 seconds), when i click on this hyperlink, it doesn't trigger my session timeout page and it still displays the page (oracle forum page).
Why in APEX clicking the hyper link doesn't trigger session timeout page after the user session timeout???
how to implememt or fix to trigger the session timeout page after clicking on the hyperlinks?
(BTW, our APEX version is 3.2)
Thanks!

Hi Lily,
the reason for that behavior is that APEX is not involved anymore if you click on an external link. That's completely handled by your browser.
To involve APEX timeout handling you could redirect to a specific page in your application which performs the final redirect.
For example:
1) Create a new page 999
2) Create hidden page item P999_URL
3) Create a before header PL/SQL process with the following source
owa_util.redirect_url('http://'||:P999_URL);
apex_application.g_unrecoverable_error := TRUE;If you want to embed a link, create a link to page 999 and set the page item P999_URL to forums.oracle.com
You could also add a white list into the above code to verify that you are just redirecting to valid URLs, so that nobody is using your trusted application URL for phishing attacks.
Hope that gives you a direction
Patrick
Regards
Patrick
My Blog: http://www.inside-oracle-apex.com
APEX 4.0 Plug-Ins: http://apex.oracle.com/plugins
Twitter: http://www.twitter.com/patrickwolf

Session Timeouts issue massively frustrating

Similar Messages

Maybe you are looking for