SAML: Timeout not working properly
The user has configured the SAML authentication. User has set a timeout of 10 mins(600 seconds) in the access group and configured to call an OOTB activity (pySAMLWebSSOTimeoutActivity) on timeout. On time out, if the user clicks on other actions menu, application is not responding.
Steps to Reproduce
- Configure timeout on Access Group
- Configure OOTB timeout activity on SAML auth service
- Wait for timeout period and perform any operation
A defect in Pegasystems’ code or rules
When the TimeOut activity is triggered, if the user clicks on refresh or any other link in the application, request is sent to IDP for authentication as the session is still alive in IDP ( timeOut setting identified in IDP is 120mins), IDP authenticates automatically and user is able to continue the work as expected. But if the user clicks on other actions menu, Application doesn't respond or no request is sent to IDP to authenticate it. Application only responds to refresh or clicking any link but not for other actions menu.
An enhancement request, FDBK-17748 has been raised.