Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Incorrect Authentication on timeout



An LDAP SSO implementation uses pxSessionTimer to handle user idle timeout re-authentication. 

On timeout, users should see the following standard PRPC screen for timeout re-authentication:

Sporadically, the users are seeing the default PRPC login screen instead of the above login screen. 

Error Messages

Not Applicable

Steps to Reproduce

1. Log in to PRPC Application1 in IE tab1
2. Wait for 20 minutes until session timeout warning alert appears
3. Log in to PRPC Application2 in IE tab2
4. Log off PRPC Application 2
5. In PRPC Application1 click Okay button on timeout warning alert


Root Cause

When the problem occurs NO PRPC or JESSIONID cookies are sent to the server. This causes PRPC to treat the request as a new session.
All PRPC applications had the following in a customized Web-Session-Return HTML rule that is used when logging off PRPC:

This Internet Explorer only clears all in memory session cookies associated with iexplore.exe process. When using browser tabs, this code would clear session cookies associated to other running applications in different tabs. 


The above script block was removed in PRPC 6.3 SP1 and is not needed. On logoff, set the Pega-RULES cookie to "None".

Remove this script block if you have customized your Web-Session-Return HTML rule or any other HTML rules used during logoff.

Published January 31, 2016 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us