Question
Requestor Session Timeout for SSO
Hi,
We are trying to implement requestor session timeout. This is not for default /prweb. We have SSO based authentication which is something like /prweb/PegaSSO.
We have added <env name="timeout/browser" value="60"/> in our prconfig.xml. I believe the value is in seconds. But we dont see the session cleaned up after 60 seconds.
I did read some articles on adding session timeout in Access Group. This is something we haven't tried.
Any thoughts and suggestions will be helpful.
***Updated by moderator: Lochan to add Categories***
Hi Kiran,
Thanks for posting on PSC,
Enter a number of seconds after which the system challenges idle browser sessions (for users of this access group), asking users to re-enter their Operator ID and password. This timeout event does not cause session context or clipboard contents to be lost.
If users respond to the challenge and are re-authenticated, they can usually continue processing where they left off, unless the system released locks they held in the meantime, or the system was stopped and restarted.
This setting is also taken into account in a mobile app that is either online or offline. When the timeout value is reached, the user is automatically logged out when they perform any action. They are brought back to the login screen.
Note: This authentication timeout is not related to the timeout/browser value in the prconfig.xml file or Dynamic System Settings, which controls when passivation occurs.
Refer it:-https://pdn.pega.com/sites/pdn.pega.com/files/help_v721/procomhelpmain.htm#data-/data-admin-/data-admin-operator-/data-admin-operator-accessgroup/settings.htm
Kindly notify if it helps you in implementing your business requirement, by marking this post as answered.
Regards,
Asif