Support Article
Authentication Timeout challenge screen issue
SA-1558
Summary
PRPC developer configured the session timeout options in the Custom authentication service WebLDAP1 and using the "Use PegaRules Timeout" and given a Timeout challenge stream.
But the system behavior is incorrect and shows the end user portal the default authentication timeout options instead of using the htlm rule passed in the Timeout challenge stream
Error Messages
N/A
Steps to Reproduce
1. Configure the session timeout options in the Custom authentication service WebLDAP1 using the "Use PegaRules Timeout" & specify custom 'Timeout challenge stream'
2. After authentication timeout check whether the system shows the configured authentication challenge screen or not.
Root Cause
Above solution may lead to data loss, if user session is timed out while there is an unsaved work. The solution is to use pxSessionTimer, which prevents the data loss.
Resolution
The solution is using the pxSessionTimer that alerts the user before the session timeout, hence the data loss is avoided. This is documented in the below article.
https://pdn.pega.com/security/troubleshooting-re-authentication-after-timeout-displays-deleted-document-page
Published January 31, 2016 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.