SSO logon session timeout

Hello All,
I want to know how we create the SSO in any BSP application and how to set the time for Session out for SSO and SSL.
Thanks and regards,
Kuldeep Verma

Hi Kuldeep,
1. Go to transaction SICF
2. Go to Menu->Goto->Maintain Parameter Profile
3. Use the name param name. login/ticket_expiration_time
4. Display and change the time
Reward Pts if helpful!
Regards,
Prasanna

Similar Messages

Sso session timeout per partner application

Hello,
I was just wondering if it is possible to configure SSO session timeouts per partner application? I'm looking to log out users of a particular application after 15 minutes, but don't want this change to affect any of my other SSO enabled applications. Is this possible?
Thanks,

Hi,
I do not think so, you can not specify specail parameter for one application in SSO.
Why because SSO is one component (within your Infra) through which you logon different apps.
Another solution may be it will expensive is that you 'll need to use different infra for this specific application.
Regards,
Hamdy

Portal Session Timeout - ICM/Webdynpro/POWL

Hi Experts,
We are having SRM Portal which has POWL Webdynpro and other applications running.
SRM Portal is a seperate JAVA Instance and integrated to backend with SSO enabled.
We have Logon Ticket Timeout set as default 8 Hours and the Session Timeout in Portal set as 2 Hours (Server>services>webcontainer>properties>Session Timeout).
For the ABAP backend, we have rdisp/plugin_auto_logout-->7200 (2 Hours) and ICM timeout as remommeded by SAP as icm/server_port_0 = PROT=HTTP,PORT=8012,TIMEOUT=90,PROCTIMEOUT=600
Now the problem is:
1. Users connected to portal and work on any POWL Iviews has an idle time of two hours-->we get the ICM session timeout error page.
2. Sometimes Users get the Login screen of portal within the Navigation Frame which can be identified as the Ticket Expiration
Is there a possibility to control the behavior of portal to avoid these error pages to Users like if the timeout happened in backend, there should be auto refresh if the user clicks the application.
And if the ticket expired, the portal should refresh to the home screen on clicking any Iview.
We tried the IDLE timeout pop up and in Vain, you could see my another post on the same.
Portal Idle Pop Up
Regards,
Sethu

Hi,
Read SAP note 705013,
I think adjusting the kernel parameters, rdisp/gui_auto_logout and rdisp/plugin_auto_logout will help.
Try adding below parameters in the Instance profile.
icm/keep_alive_timeout 3600
icm/conn_timeout 5000
Regards,
Venkata S Pagolu

How to Sync the session timeout of Portal with CMS Server

Hi Experts,
We have a custom application build on our portal which will launch the reports of InfoView. It works fine untill the portal session timeout. Whenever the session timeout occurs and reloads it I am unable to launch the reports and getting the below exception.
com.crystaldecisions.sdk.exception.SDKException$OCAFramework: Unable to reconnect to the CMS server_ip:6400. The session has been logged off or has expired. (FWM 01002)
Portal is configured with SSO. Please adviese how to set the settings of session timeout in such way that Portal sync session timeout with CMS server.
Thanks in Advance,
Chinaa.

Hi ,
There is no such option to sync Portal timout with CMS server.
To resolve your problem you have only option to set your CMS server timout to MAX value.
Thanks
Anil

OAM Session timeout

Hi All,
I have the following set up configured.
1)Deployed a web application in a plain(non oim suite related) weblogic domain
2)Installed OHS,OAM,OIM and OUD
3)Configured OHS,OAM,OIM and OUD for SSO in OAM with the external URL from the independent weblogic domain
4)Independent Weblogic domain is configured with OAMIdentityAsserter and OUD Authentication provider
My query is as below.
I have the session time out value configured as 600(seconds) in weblogic.xml of the web application.
Now when the access the web application through OHS SSO URL, the session is not waiting for 600 seconds to timeout,but getting invalidated in around 30 seconds.
How to resolve this issue.
Please advice.
I have the following configured in OHS proxy.
<Location /bc>
SetHandler weblogic-handler
WebLogicHost ZZZZZZ.oracle.com
WebLogicPort 9001
</Location>
firebug show the following URL getting hit just after the session invalidation http://ZZZZZ.com/oam/server/obrareq.cgi?encquery%3DHBGRZNUhr5Ucxs
and the following error gets logged in oam server
"Session invalid as returned by CHECK_VALID_SESSION_RESPONSE responseEvent fail>"
Kindly suggest.
Thanks,
Praveen

Verify whats session timeout value present in below config:
http://docs.oracle.com/cd/E27559_01/admin.1112/e27239/session.htm#AIAAG354
To edit the OAM common session settings:
Log in to Oracle Access Manager.
Click System Configuration.
From the Common Configuration panel, double-click Common Settings.
In the Session area:
In Session Lifetime, increase the current value.
In IdleTimeout (minutes), increase the current value.
Click Apply.
~J

Session Timeout Thoughts

I saw a post from awhile ago that you can't change the session timeout in iTunes U. Is this still true?
Our users are having timeout issues and we have an unfortunately lengthy login process to get back into iTunes U so I had some thoughts on the Site Login URL.
We use a portal to authenticate our users who then click an SSO link to take them to a jump page that assembles their credentials and generates an SSO link into iTunes U. I'd really like to avoid having to go back through the portal to get users back into iTunes.
What if, instead of passing just the destination back to the site login URL, iTunes U passed a full SSO link. This way, I can just point my site login URL to the jump page. The jump page can then parse the SSO link to verify the user's credentials and just create a new SSO link right back into iTunes U, almost transparently to the users.
Are there any better options to solve this problem? I know this would require some modification on the iTunes U side, but it seems like it'd solve some problems.
Thanks
Jason

Hi Jason,
I don't think I did a good job at explaining what I'm trying to get at. Sorry, let me try another way.
The problem is not one of security necessarily. If you get a signature back from Apple, sure, your jump site can verify that Apple sent you warnings about sessions that are about to timeout. The problem is that Apple cannot distinguish our local users from the identity and credentials we send. It might seem that way in specific instances (because some sites have an elaborate identity/credentialling scheme), but it is not true in the general case. It is entirely possible that scores of people can share exactly the same identity/credential info ... that is totally legal in the iTunes U world (and why I urge people not to think of "users" and "accounts" whenever they think iTunes U). For example, lessay I have a site that has a very simple credentialling scheme, say ...
Administrator@urn:mace:itunesu.com:sites:uic.edu
Instructor@urn:mace:itunesu.com:sites:uic.edu
Student@urn:mace:itunesu.com:sites:uic.edu
Authenticated@urn:mace:itunesu.com:sites:uic.edu
Unauthenticated@urn:mace:itunesu.com:sites:uic.edu
All@urn:mace:itunesu.com:sites:uic.edu
Further, let's say that I "anonymize" my users by sending no identity info to Apple. So if Apple sends my jump site the following:
credentials=Student@urn:mace:itunesu.com:sites:uic.edu
identity=
time=123456789
signature=stringwith_bunch_ofhex
which one of my local users does that belong to? ... whose session should I recredential? Sure, you can make a complex credentialling scheme that narrows usage down to the specific person ... but I would urge you to think of credentials as a kind of "hall pass" ... a token that lets you into a specific place within iTunes U ... and not as a way to identify someone. Remember that Apple has to use a system that applies in the general case and what I have above is totally legal. If I want, I can obfuscate my users to be certain that only -I- know who's accessing iTunes U.
Recall, too, the way that iTunes U is setup. Your transfer CGI sends a URL to Apple and Apple sends you back loads of HTML/JavaScript/CSS in return. Your transfer CGI passes all of it back to the end user. The heart of the HTML Apple sends is this itmss: redirect:
itmss://deimos.apple.com/WebObjects/Core.woa/BrowsePrivately/uic.edu?
credentialKey=1474615910&identity=2253747564656e7422203c5374756
4656e74407569632e6564753e202853747564656e7429205b305d&time=
1203747692&signature=32d169daa7a282f8c7efa7d4f7f7fb0dceaac507c26
f205123473f09d6b9ef50&x=true&ignore.mscache=8974210
That is how Apple talks to your end users. The session is private ... between Apple and your end users. The only way for you to know which session belongs to which local user is for Apple to send you that itmss link and say, in effect, "the session associated with this link is about to time out". Your jump site would have to maintain a connection between itmss links, your local users, and the credentials associated with both. But if your site is -already- caching local user/credential info, there is no need for Apple to send your creds/identity back to you.
As ever, if my understanding is itself cloudy, I bow to Duncan. He knows all and I am happy to be corrected. Like you guys, I am here to learn.

SSO and portal timeout -- other bug?

...this is very probably related to the other post talking about SSO and portal timeout...
I am having another weird issue with dotnet portlets that uses inline refresh (done automatically by dotnet accelerator) and SSO.
When you let the portal session expire, and then click on a button/link within a portlet (hence generate an inline refresh gatewayed request), the full portal window (header/footer etc...) appears within the portlet, instead of the portlet content alone.
I did some http traces (see below) and it seems the problem is due to the windows SSOLogin.aspx (we are using windows auth SSO) not taking the requested portlet gatewayed request url as a post login redirect info... but taking instead the current page url (which is wrong)
Thus, after the gatewayed portlet request is successfully authenticated by the SSOLogin.aspx component, it is automatically redirected to the wrong urll...making the full portal page refresh into the portlet.
So my question is: have anyone already seen such behavior? And has anything been done to fix this?
It really seems like a bug with the SSO servlet...but maybe i am doing something wrong...Just want to have your thoughts on this.
Thanks,
Fabien
============================================================================================
HTTP Trace:
POST     302     Redirect to /portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login     http://your.portal.com/portal/server.pt/gateway/PTARGS_0_15046_362_205_0_43/http%3B/your.portletserver.com/yourapp/youraspx.aspx
GET     401     text/html     http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
GET     401     text/html     http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
GET     302     Redirect to http://your.portal.com/portal/server.pt?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login     http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
GET     200     text/html; charset=utf-8     http://your.portal.com/portal/server.pt?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login

I have this happen in v6.0 sp1. We have worked around the problem with a bit of work and synchronization of settings. Below, I've outlined how we've worked around the problem (which is indeed a problem that should be fixed). Also, if you have a load balancer, you'll need to set your session timeout on the load balancer to a bit more than the refresh rate that you set for your communities and My Pages.
Resolving the Portlet Timeout / Refresh Problem in ALUI Portal_
Problem: Users occasionally receive the portal page within a portlet error
Cause: The root cause has not been determined; however it appears that the primary event that exhibits the behavior is when a teammember’s session has expired on the portal server and they then utilize a .NET form-based portlet which refreshes in place. Because we are using WIA SSO to enable automatic logins to the portal, it makes the error seem to occur randomly.
Resolution:
The workaround solution is to – 1) increase the portal session timeout on the portal web servers from the default 20min to 4 hours, and 2) set the MyPage refresh interval setting for all portal users to 3 hours. The setting name is a bit of a misnomer, as it will actually refresh the entire portal page automatically if the user is idle on either a My Page or a Community Page, as these are the only two places that portlets reside.
Increasing the portal session timeout:
The portal session timeout is controlled in two places, and both settings should match. On the portal virtual directory in IIS, edit the configuration and increase the timeout setting to 240 (minutes). Then, edit the portal application’s web.config file (d:\portal\ptportal\6.0\webapp\portal\web\) and increase the sessionState Timeout variable to 240. Editting the config file will require you to restart the services before you see the change.
Initial setting of the MyPage refresh interval:
The initial setting will need to be done by a SQL script in order to apply it to all existing users. The Default Profile should also be updated so that all new user synched from AD will have this setting applied automatically.
/* Delete refresh interval settings for all users first so that there are no conflicts on the inserts */
DELETE FROM portaldbuser.ptprefs WHERE prefname = 'intMyPageRefreshRate'
/* Insert desired page refresh setting for all users */
INSERT INTO portaldbuser.ptprefs (userid,gadgetid,prefclassid,prefobjectid,prefname,prefvaluetype,prefvalue,pagenumber) SELECT objectid,0,0,0,'intMyPageRefreshRate',3,180,0 FROM portaldbuser.ptusers
From Administration, access the Default Profiles utility. Check the Default Profile entry and click on the Edit Profile Layout link. Click on the My Account link in the Portal Settings portlet and then on the Display Options link on the next page. In the Page and Portlet Settings, update the Your My Page will be updated: setting to 4 hours. Click Finish twice to return to Administration.
Updating the MyPage refresh interval:
To update the setting just modify the insert portion of the SQL script. Change the prefvalue number (180) to the desired timeout in minutes and rerun both statements of the script.
The Default Profile should be also be modified per the instructions above.
I hope this helps...
-tom

Session timeout and Custon login module

Hi,
Dev Platform: Jdev 10.1.3.4.0, Oracle 10.2.4
I'm trying to trap the session timeout and display a page. I'm using the code below from Frank Nimphius. I've also provided a console log of what is happening when the application times out. Instead of the filter being called the system is calling the dblogin module and attempting to login the anonymous user. I renamed the anonymous user and I just see log entries where the system attempted to find the anonymous user.
If I use the application to logout I get a Logout page with a button to confirm the logout. When I press the button the session is invalidated and the filter code brings up my "Session Timeout" notification page. This isn't what will happen in the end but I just wanted to tell you that the filter does work in certain instances.
How can I make the system not attempt to login the anonymous user and have the filter code run?
TIA, Dave
package isdbs.view.security;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ApplicationSessionExpiryFilter implements Filter {
    private FilterConfig _filterConfig = null;
    public void init(FilterConfig filterConfig) throws ServletException {
        _filterConfig = filterConfig;
    public void destroy() {
        _filterConfig = null;
    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain) throws IOException, ServletException {
        String requestedSession =   ((HttpServletRequest)request).getRequestedSessionId();
        String currentWebSession = ((HttpServletRequest)request).getSession().getId();
        boolean sessionOk = currentWebSession.equalsIgnoreCase(requestedSession);
        // if the requested session is null then this is the first application
        // request and "false" is acceptable
        if (!sessionOk && requestedSession != null){
            // the session has expired or renewed. Redirect request
            ((HttpServletResponse) response).sendRedirect(_filterConfig.getInitParameter("SessionTimeoutRedirect"));
        else{
            chain.doFilter(request, response);
}Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.RealmUserAdaptor isMemberOf
FINE: JAAS-OC4J: Membership check for group: ISDBS_USER failed for user: anonymous
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option debug = true
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option log level = log all
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option logger class = null
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option data_source_name = jdbc/elearnDS
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option user table = TBL_LOGIN
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option roles table = XREF_LOGIN_ROLE
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option username column = LOGIN_NM
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option password column = PASSWORD
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option roles column = ROLE_NM
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option user pk column = LOGIN_NM
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option roles fk column = LOGIN_NM
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option password encoding class = oracle.sample.dbloginmodule.util.DBLoginModuleClearTextEncoder
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option realm_column = null
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] option application_realm = null
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] login called on DBTableLoginModule
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Calling callbackhandler ...
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Username returned by callback = null
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] User query string: select LOGIN_NM,PASSWORD, LOGIN_ATTEMPTS, ACTIVE_IND from TBL_LOGIN where lower(LOGIN_NM)= lower((?))
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Logon Successful = false
09/03/30 09:38:04 [DBTableOraDatasourceLoginModule] Abort called on LoginModule
Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.OC4JUtil doJAASLogin
WARNING: Login Failure: all modules ignored
javax.security.auth.login.LoginException: Login Failure: all modules ignored
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
     at oracle.security.jazn.oc4j.OC4JUtil.doJAASLogin(OC4JUtil.java:241)
     at oracle.security.jazn.oc4j.GenericUser$1.run(JAZNUserManager.java:818)
     at oracle.security.jazn.oc4j.OC4JUtil.doWithJAZNClsLdr(OC4JUtil.java:173)
     at oracle.security.jazn.oc4j.GenericUser.authenticate(JAZNUserManager.java:814)
     at oracle.security.jazn.oc4j.FilterUser.authenticate(JAZNUserManager.java:1143)
     at com.evermind.server.http.EvermindHttpServletRequest.checkAndSetRemoteUser(EvermindHttpServletRequest.java:3760)
     at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:706)
     at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
     at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:221)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:122)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:111)
     at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
     at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
     at java.lang.Thread.run(Thread.java:595)
Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.GenericUser authenticate
FINE: JAAS-OC4J: Authentication failure for user: null
Mar 30, 2009 9:38:04 AM oracle.security.jazn.oc4j.RealmUserAdaptor isMemberOf
FINE: JAAS-OC4J: Membership check for group: ISDBS_USER failed for user: anonymous

I added an HttpSessionListener upon login here's what I get:
09/03/31 08:21:25 Inside sessionCreated
09/03/31 08:21:25 Before New session createb = 0
09/03/31 08:21:25 Created session id: 854b4b95cf28ceb065d0489a31ee79c19feabb80716f6d828b77fc7044b210bf
09/03/31 08:21:25 After New session count = 1
At session timeout here's what I get:
09/03/31 08:23:27 Count before destroyed = 1
09/03/31 08:23:27 Destroyed session id: 854b4b95cf28ceb065d0489a31ee79c19feabb80716f6d828b77fc7044b210bf
09/03/31 08:23:27 Count after destroyed = 0
09/03/31 08:23:27 Inside sessionCreated
09/03/31 08:23:27 Before New session createb = 0
09/03/31 08:23:27 Created session id: 854b4b95cf28ceb065d0489a31ee79c19feabb80716f6d828b77fc7044b210bf
09/03/31 08:23:27 After New session count = 1
Notice that the session Id in each case is IDENTICAL. That is why the Filter code isn't doing what it is intended to do. Whay is the same session ID being created after it is destroyed? Is there a configuration parameter that controls it?
Thanks,
Dave

How to check and change the dafault session timeout of the Portal?

Hello,
When leaving a portal page open without using it for a certain amount of time and then accessing it again the Session times-out.
Where can I check and change this default time-out time in case I would like to extand it for the end users?
Roy

Hi Roy,
Session timeout includes multiple settings (J2EE setting and SSO setting at User Management).
Defining the Timeout in J2EE Session
1. Open file web.xml (path depends on the version of EP6.0. If it is based on NW04, then
..\cluster\server0\apps\sap.com\irj\servlet_jsp\irj\root\WEB-INF
2. Enter a value in minutes under <session-timeout>. The value should roughly correspond to the length of a synchronization cycle. The default is 30 minutes.
After a successful login, it receives a SSO ticket which is valid for longer duration (generally 8 hrs, default which you can changed using "System Admin" as mentioned by Yoel.
Thanks,
Swapan

Portal session Timeout

Hi,
I want to increase the portal session timeout to 2hrs. We have 2 Portal server which are load balanced. The configuration is as below:
Portal Version: 10.3.0.337003
.NET Version: 2.0
OS: Win 2003 Server
Database : Oracle 11g
IIS:6.0
On both the server I have edited the session time out parameter corresponding to the file as mentioned below:
Portalconfig.xml :
<setting name="BrowserLoginTokenExpiration">
<value xsi:type="xsd:integer">120</value>
</setting>
BEA Web.config
<sessionState cookieless="false" timeout="120" />
.NET Web.Config
<sessionState timeout="120" />
But still the we are not able to achive 2 hrs of session timeout. Do we have to make entry in .NET machine.config? Please let me know if thier is any other file where changes is required?
Also in lower environment, we have our portal installed on .NET 2.0 framework ( only one instance of portal server ), we are able to achive 2Hrs of session time out by modifying the state management session time out value ( default website-> properties->asp.net tab->edit configuration->state management tab)
Please help me!!
Edited by: Oracle WCI on Oct 10, 2011 1:43 PM

As per the documents share by oracle support..only place in WCI 10gr3 (10.3.0.1) and IIS where we set timeout value is State Management tab (default website->portal ->properties->asp.net->edit configuration-state management)..we have this valye set to 2Hrs (120 min) on both the portal server ( load balanced)..but still portal is getting time out after 1 hrs..I am not sure which external factore is limiting this to 1 hrs..
both portal server are load balanced and IWA is implemented...
Any light on the external factor line SSO setting, Load balanced ..etc will be higly appriciated..Please help!!

How to deal with session timeouts?

How to deal with session timeouts?
With our current configuration of using single signon, when the web session times out (currently 20 minutes of inactivity), the user loses anything they have entered on a service form. The use case is that a user starts filling out a form and gets interrupted, goes to lunch, etc, returns and spends time filling out the form (in the mean time the web session has timed out). When they try to submit the service they get re-logged in through SSO and they have lost all of their entries in the service. This creates some very unhappy users.
I'd like to know how long other customers set their web session timeouts to and if anyone has come up with ways of handling this situation - either through somehow re-establishing the session or through warnings to the user about how long they have to complete a form.

Hi,
The timeout period for HTTP sessions that are created in the corresponding Web application. After being inactive for the specified timeout, the HTTP sessions expire. The period is specified in minutes:
<!ELEMENT session-timeout (#PCDATA)>
You can only change the session timeout property in the applicationu2019s own deployment descriptors. This is not possible for the Global Web Descriptor.
following may help you:
[Additional Configuration Settings |http://help.sap.com/saphelp_erp2005vp/helpdata/en/a9/7a9602ad094b82a293f06d1cbe2c14/frameset.htm]
Regards,
Sahidur

Session Timeouts and SmbServer

Hi,
When having iFS mapped to a network drive (via SMB), the SMB server
is unable to recover from a timeout of the LibrarySession. The network
drive then seems to be empty and doing a refresh within explorer
doesn't help either. The only thing that helps, is remapping the
network drive.
Within Node.log of iFS I see this stacktrace.
7/10/02 9:02 AM SmbServer: oracle.ifs.common.IfsException
oracle.ifs.common.IfsException: IFS-21000: Session is not connected or has timed-out
at java.lang.Throwable.fillInStackTrace(Native Method)
at java.lang.Throwable.fillInStackTrace(Compiled Code)
at java.lang.Throwable.<init>(Compiled Code)
at java.lang.Exception.<init>(Compiled Code)
at oracle.ifs.common.IfsException.<init>(Compiled Code)
at oracle.ifs.common.IfsException.<init>(Compiled Code)
at oracle.ifs.common.IfsException.<init>(Compiled Code)
at oracle.ifs.beans.LibraryObject.verifyConnected(Compiled Code)
at oracle.ifs.beans.Folder.findPublicObjectByPath(Compiled Code)
at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
at oracle.ifs.beans.FolderPathResolver.findPublicObjectByPath(Compiled Code)
at oracle.ifs.protocols.smb.server.DbTree$DbQuery.<init>(Compiled Code)
at oracle.ifs.protocols.smb.server.DbTree.getQuery(Compiled Code)
at oracle.ifs.protocols.smb.server.ComTrans.trans2FindFirst(Compiled Code)
at oracle.ifs.protocols.smb.server.ComTrans.replyTransaction2(Compiled Code)
at oracle.ifs.protocols.smb.server.ComTrans.process(Compiled Code)
at oracle.ifs.protocols.smb.server.ComSmb.handleSmbMessage(Compiled Code)
at oracle.ifs.protocols.smb.server.SmbThread.handleNbMessage(Compiled Code)
at oracle.ifs.protocols.smb.server.SmbThread.readPackets(Compiled Code)
at oracle.ifs.protocols.smb.server.SmbThread.run(Compiled Code)
This behavior actually causes us big problems when editing files via MS Office.
Fortunately Office is able to still save it's data using some generated filename.
(At least until now I could not create any data loss)
But then you have to close it, remap then network drive, rename the file and then
reopen the file. This is big trouble to users, which are not familiar with mapping
network drives and renaming files with extensions.
Is there a way to make the SmbServer keep the LibrarySession alive, as long as
the network drive is mapped ?
Regards,
Jens Lorenz

Workflow #2:
Login to my account
Click view all email
Open Drafts Folder
Open draft email response
Select "Send" to send email (total in session time of 30 seconds)
On screen reload, where I would expect to see some sort of indication that my email was successfully sent, instead the system throws session time out message and kicks me out.
I have no idea if my email was successfully sent or not.
Workflow #3:
Login to my account
Click view all email
Attempted to open the first new email in my inbox (total time in session <15 seconds)
System throws session timeout error and kicks me out to the main login.
There is obviously something going on with your session holding code. The session variable is not being passed correctly or something but it's very, very frustrating to spend 30-45 minutes trying to type out a couple of lines, particularly when you have multiple important activities going on that you need to respond too via email.

Session Timeout Alert text is not getting displayed on web ui.

Hello,
In "Session Timeout Alert" pop up we are facing one issue. The pop up is getting displayed as per the value in rdisp/plugin_auto_logout parameter i.e. 1800. But the text is not getting displayed.
I have implemented the SAP Note 1877120 also. Any inputs to resolve this issue.
Thanks.

Hi Sigrid,
When we do pre activities related to OTR, need to save it in standard name space only ? could you guide me pls.
in the below we have Alias and package are standard.
1.) There are 4 texts which needs to be configured via SOTR_EDIT to get the translation according your languages implemented in your CRM.
a.) Start doing it by opening transaction SOTR_EDIT.
b.) Change to the language you would like to use.
c.) As ALIAS enter first CRM_IC_CMP_FRAME/SESSION_PING_TITLE. Click on Create and confirm the following dialogues.
d.) Enter CRM_IC_CMP_FRAME as package and the object type as WAPP.
e.) Finally enter the translation according your language from the english version (length of text: 25):
"Session Timeout Alert !"
f.) Save you changes
Repeat the steps a.) to f.) with the following aliases and options:
Jimmi

SSO logon tickets not working in two different OS

HI All,
We have sucessfully implemented SSO logon tickets concept to access a j2ee application through portal on windows OS.
We could able to do the samething on two j2ee instances installed on two different machines on same domain. I mean, deploying our application in one j2ee instance and accessing the application thru portal of another j2ee instance thru SSO logon ticket by adding some configuration steps in Visual administrator given in help.sap.com. This also we did in same OS windows.
But now the problem is, when we try to implement the above scenario in two different OS, say application is deployed on HPUX machine, and accessing that application through Portal from Solaris machine, SSO logontickets is failing. Means we couldnt able to access the application. Both the OS are in same domain only.
What extra configuration steps need to be done in VA, to get work with two different OS?
Please share ur ideas.
Regards,
Satish.

Hi..
I guess probabaly the internet explorer doesnot accept the sso ticket.
What you can probably check is that the compatability of explorer for the solaris and HP UX os with Windows OS.
Also,please check whether the SSO ticket is getting populated and What error are you getting exactly when the SSO fails and that will give some idea to proceed further
<u>deploying our application in one j2ee instance and accessing the application thru portal of another j2ee instance[/u
What the above mean...how are you deploying ?? what tool ?? which J2EE instance out of the two ??
Thanks
Gopal

How to configure a session timeout for DynPro applications?

Hello,
1. Where can I configure the session timeout of the DynPro applications?
2. Can I configure a session timeout per application and how do I do that?

Hello Heidi,
I am not familiar with this property:
1. Where can I configure it?
2. Does it apply to every application at the portal?
3. What if I would like to configure just one application?
By the way, I have noticed that the DynPro application has an expirationTime property. The documentation says this:
Specifies the lifetime in seconds of a Web application on the server before the Web application is terminated by the server. The value of the DefaultExpirationTime parameter of the system configuration is used as the default value.
My question is if someone tried to use this property?
Message was edited by: Roy Cohen

SSO logon session timeout

Similar Messages

Maybe you are looking for