Question

'Session-Timeout' back to login screen

Session Timeout can be done on the advance tab of access group or in portal rule using pxSessionTimer.

However, is there a way to take user back to login screen instead of just re-authenticate after period of inactivity.

Correct Answer
July 2, 2019 - 11:55am

Sorry for the delay. I noticed my session timer in 7.4 didn't have a function to close all the PRPC child windows on logoff so I added that back in and tested it. 

Attached is SessionTimer_Logoff_74_Community.txt.  This file contains Javascript functions only.

Install Notes:

1) Copy pxSessionTimer section rule to an application ruleset and rename to SessionTimer<AppName>

2) Update SessionTimer<AppName> and add all the contents of the SessionTimer_Logoff_74.txt to the existing script block. Just before the ending </script> tag.

3) Add the SessionTimer<AppName> section to you portal header. This is by default pyPortalHeader. It takes up no visible space.  Do not put this anywhere that has dynamic content. 

4) There is a parameter page for SessionTimer<AppName> once you added it. This lets you control the timeout and warning values. The "Show Authentication screen in" parameter settings has no functionality with this code, it's always a inline modal div. 

Testing:

You can test this by launching the end user portal from the developer portal. The lowest combination you can test with for timeout and warning is 3 & 1. This is because of the way the warning timer works. 

With 3 minute timeout and 1 minute warning you will see the logoff countdown timer after 2 minutes with a 1 minute countdown. When the countdown reaches 0 logoff code will fire. When launching from a developer portal the window containing the end user portal will just close, no logoff will occur. (Same as if you use logoff from a launched portal)

Remove existing timeouts:

Once you are done testing you will no longer need any PRPC timeout value configured in end user AccessGroup. Simple remove the value and update the AccessGroup.  If using SSO make sure you test with a SSO login before moving out of dev or test into production. 

Adjust the timeout and warning values to proper timeout values per your need. Example: 30 minute timeout with 2 minute warning. 

 

Comments

Keep up to date on this post and subscribe to comments

Pega
June 27, 2019 - 11:00am

Hi,

Yes but i need to know what version of PRPC you're on.  

I have session timers for most versions of PRPC that do a auto logoff with a model warning window with count down timer. 

Edit:

From another post you made regarding similar content i see you're on 7.4.  I will get the info for you shortly.

July 2, 2019 - 10:51am
Response to ChrisKoyl

Yes 7.4

July 21, 2019 - 12:38am
Response to ChrisKoyl

Hi Chris,

Do you have this session timer code for 8.2.1 version.

Pega
July 24, 2019 - 2:02pm
Response to ROBOWARRIOR

Hi Robowarrir,

The same code will work for 8.2.1 also.

Thanks,

Kranthi

 

Pega
July 2, 2019 - 11:55am

Sorry for the delay. I noticed my session timer in 7.4 didn't have a function to close all the PRPC child windows on logoff so I added that back in and tested it. 

Attached is SessionTimer_Logoff_74_Community.txt.  This file contains Javascript functions only.

Install Notes:

1) Copy pxSessionTimer section rule to an application ruleset and rename to SessionTimer<AppName>

2) Update SessionTimer<AppName> and add all the contents of the SessionTimer_Logoff_74.txt to the existing script block. Just before the ending </script> tag.

3) Add the SessionTimer<AppName> section to you portal header. This is by default pyPortalHeader. It takes up no visible space.  Do not put this anywhere that has dynamic content. 

4) There is a parameter page for SessionTimer<AppName> once you added it. This lets you control the timeout and warning values. The "Show Authentication screen in" parameter settings has no functionality with this code, it's always a inline modal div. 

Testing:

You can test this by launching the end user portal from the developer portal. The lowest combination you can test with for timeout and warning is 3 & 1. This is because of the way the warning timer works. 

With 3 minute timeout and 1 minute warning you will see the logoff countdown timer after 2 minutes with a 1 minute countdown. When the countdown reaches 0 logoff code will fire. When launching from a developer portal the window containing the end user portal will just close, no logoff will occur. (Same as if you use logoff from a launched portal)

Remove existing timeouts:

Once you are done testing you will no longer need any PRPC timeout value configured in end user AccessGroup. Simple remove the value and update the AccessGroup.  If using SSO make sure you test with a SSO login before moving out of dev or test into production. 

Adjust the timeout and warning values to proper timeout values per your need. Example: 30 minute timeout with 2 minute warning. 

 

July 2, 2019 - 12:37pm
Response to ChrisKoyl

Sweet!

I will give this a try and let you know if I have questions.

July 2, 2019 - 2:47pm
Response to ChrisKoyl

There are 3 out-of-the-box pyPortalHeader rules.

Which one should we use and does it also need to get saved in current ruleset.

  • pyPortalHeader of class Pega-Landing-Security-AccessManager
  • pyPortalHeader of class Data-Portal
  • pyPortalHeader of class PegaPS-Data-Portal-EndUser

July 2, 2019 - 4:23pm
Response to ChrisKoyl

It seems we are using pyCWPortalHeader.

I used Section Include for the SessionTimer<AppName> code here and it appears to be working great!

July 2, 2019 - 4:57pm
Response to HenryA80

That's great @HenryA80!

Did that resolve your question?

Marissa | Community Moderator | Pegasystems Inc.

July 3, 2019 - 11:49am
Response to MarissaRogers

Super Awesome!

It worked the first time.

Love it!!

November 19, 2019 - 7:22pm
Response to HenryA80

Made the suggested changed and set the values of timeout as 3 and 1, but the session expiry is not kicking in and not showing any modal, when i check the browser console i am seeing that there is some issue with the script. I am attaching the script that i am using "SessionTimer<Appname>' .. please check and let me know.

 

Getting these 2 errors in the Chrome browser console

Uncaught SyntaxError: Unexpected end of input
failed: Error during WebSocket handshake: Unexpected response code: 501

 

November 19, 2019 - 7:22pm
Response to ChrisKoyl

Made the suggested changed and set the values of timeout as 3 and 1, but the session expiry is not kicking in and not showing any modal, when i check the browser console i am seeing that there is some issue with the script. I am attaching the script that i am using "SessionTimer<Appname>' .. Can you please check and let me know ?

Getting the below 2 errors in the Chrome browser console.

Uncaught SyntaxError: Unexpected end of input
failed: Error during WebSocket handshake: Unexpected response code: 501