Question
SSO: LDAP Timeout can't re-login as different user
Hi Team,
I know that different user cannot log into portal after LDAP Timeout. But I need to allow different user to log into application after timeout.
How to implement this ?
Thanks in Advance
***Moderator Edit: Vidyaranjan | Updated Categories***
Kevin,
We have an application which uses LDAP Authentication. When user log into application with userID "A" and keep browser idle for 30mins and click on any link it will re-direct to login screen. Now If I try to login with userID "B" I'm getting and error "May Not Change Username during Timeout revalidation". But I want it to allow for UserID "B" after authentication Time-out.
For actual behavior check below link. But I need to change that behavior.
https://pdn.pega.com/support-articles/sso-ldap-timeout-cant-re-login-same-user-mixed-case
Accepted Solution
Hi,
There is a check done at the engine level that does not allow for different users to login after a timeout. That will not be changing as it's a security issue to have different users access the same requestor. That is what would occur if we allowed that behavior.
If I may offer an alternative.
A very popular timeout behavior is to log the users off when they are idle for "x" amount of time. The nature of work item progression and saves doesn't result in data loss except for forms that may have had user content added before the timeout occurred.
If you log the users off after a timeout then the old user requestor is cleared and subsequent logins for a new user use a new requestor.
Hope this helps.
can you please elaborate your requirement with some screenshots? Do you mean you need a button like 'switch to different user' in the timeout relogin-window?