Support Article

Session Timeout not working

SA-53167

Summary



SAML single sign-on (SSO) for authentication is used.

Below is the Dynamic System Setting (DSS):

prconfig/browsertimeout/default = 1200
prconfig/applicationtimeout/default = 1200

However, the session does not expire in 20 minutes.


Error Messages



Not Applicable


Steps to Reproduce



Keep the session on and wait for the session to expire.


Root Cause



Authentication timeout for the access group was applied with SSO.


Resolution



Perform the following local-change:
  1. Uncheck the Use PegaRULES Timeout checkbox in the Authentication Service Advanced configuration settings.
  2. Copy pxSessionTimer and rename it to SessionTimer<ProjectName>.
  3. Add the following script below the existing <script> block just before the </script> tag.

    function desktop_restartTimeoutWarningTimer(){
            if (pega.desktop.TimeoutTime && pega.desktop.TimeoutTime > 0) {
                                  /* Calculate the time to initial warning in milliseconds*/
                                  var nTimeoutWarningTime= (pega.desktop.TimeoutTime - pega.desktop.TimeoutWarningWindow) * 60000;
                                  /* Clear the existing countdown */
                                  clearTimeout(pega.desktop.TimeoutWarningCountdown);
                                  if (nTimeoutWarningTime >= 0) {
                                                 pega.desktop.TimeoutWarningCountdown = self.setTimeout("desktop_showTimeoutWarningCUSTOM('"+pega.d.TimeoutWarningWindow +"')",nTimeoutWarningTime);
                                  }
                                                                                                                                                                                                                                                                                                                                              }              
    }

    function desktop_showTimeoutWarningCUSTOM(strTime) {

         var iTime = parseInt(strTime);
         iTime = iTime * 60000;
         var oSafeURL = new SafeURL("@baseclass.ShowLogoffTimer");
         oSafeURL.put("time",iTime);   

         pega.openUrlInModal.showModalDialog(oSafeURL,iTime, 210, 620, function(ret){          

                if (ret == null || ret == "ok") {
                     desktop_restartTimeoutWarningTimer();
                } else {
                   pega.u.d.gDirtyOverride = false;
                   try {
                      closeAllPRPCChildWindows();
                      application.logOff(true);
                   } catch(e) {
                      pega.u.d.replace('pyActivity=LogOff&pzPrimaryPageName=pyDisplayHarness', null);
                   }
                }
          });
          self.setTimeout(function(){clearTimeout(pega.desktop.TimeoutWarningCountdown);}, 5000);
    }
    function closeAllPRPCChildWindows()
      {
       var currWin = null;
       var app = pega.desktop.support.getDesktopApplication();
      
       while (null != (curWin = app.openedWindows.pop())) {
          curWin.close();
       }
    }

  4. Copy the ShowLogoffTimer activity to the application ruleset (to the same ruleset where SessionTimer<ProjectName> is included).
  5. Copy and rename LogoffTimer HTML rule to LogoffTimer<ProjectName> and ensure the closeMe function has the following lines of code.

    function closeMe()
    {
       if(arguments.length == 0){
        window.returnValue="timeout";
        }
     if(typeof window.closeModal == 'function') { window.closeModal(); } else { window.close(); }
     }

Suggest Edit

Published September 26, 2018 - Updated October 8, 2020

Did you find this content helpful?

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.