cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Single AD Sign-On

Go to solution
Former Member

on ‎2009 Mar 11 2:42 PM

0 Kudos
64

Single sign on works fine the first time someone goes in, but if they leave their session unattended, and the timeout runs out, it says session expires and makes them log in. What is the point of single sign on then. Is this the way it is supposed to work. Shouldn't it just re-log them in using single sign on again if there is an available session.

My users are probably going to kill me over this. Please help.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member136842
Employee
Employee
‎2009 Mar 11 4:41 PM
0 Kudos

Hi Karen,

which Version of BO ? Rel.2 or XI3.x ?

There is a default Timeout for the InfoView Application in the web.xml file on your Tomcat. Default is 20 Minutes. Maybe they get logged of after those 20 Minutes ?!

Regards

-Seb.

Show replies
Show replies
Former Member
‎2009 Mar 11 4:48 PM
0 Kudos

Yes, I know about the timeout setting. That's what I'm asking though. After the timeout has expired, if there is a session available, why can't the user just be "logged back in" without having to manually type a user-id and password. I mean, isn't that was single sign on is about.

Former Member
‎2009 Mar 11 7:27 PM
0 Kudos

In the Web.xml file look for the following entry

<param-name>logontoken.enabled</param-name>

<param-value>true</param-value>

and make sure that the value is set to "true".

Former Member
‎2009 Mar 12 12:39 PM
0 Kudos

Thank you very much. This does seem to work. However, I noticed that resulted in a new problem. I logged in as a test user and verified that I could see that user in the CMS server. Our timeouts are set to 10 minutes. According to the CMS server, it dumped that user earlier then 10 minutes (which is another problem). After 15 minutes, I was able to run another report without being prompted for a login. However, now my test user is now tying up 2 licenses.

BasicTek
Advisor
Advisor
‎2009 Mar 12 12:54 PM
0 Kudos

> 

> Thank you very much.  This does seem to work.  However, I noticed that resulted in a new problem.  I logged in as a test user and verified that I could see that user in the CMS server.  Our timeouts are set to 10 minutes.  According to the CMS server, it dumped that user earlier then 10 minutes (which is another problem).    After 15 minutes, I was able to run another report without being prompted for a login.  However, now my test user is now tying up 2 licenses.

are you using the session cleanup listener on XI 3.x? if so comment that out in the web.xml

-Tim

Answers (1)

Answers (1)

BasicTek
Advisor
Advisor
‎2009 Mar 12 1:05 AM
0 Kudos 
Shouldn't it just re-log them in using single sign on again if there is an available session

The logontoken from the last post should correct this(it is also normally enabled by default). If not what type of SSO? web/app?

Saving the logon URL(ends in logon.do, logon.aspx, or logon.jsp depending on web/app and version) will allow anyone to re-init the SSO process by selecting the link from their favorites (that should help).

Regards,

Tim

Show replies
Show replies
Ask a Question