Question

Why are SSO authenticated users logged out?

3

We are using SSO (Kerberos) but I've just witnessed an active user being logged out with the message 'Invalid session' Any thoughts on why this occured, the log doesn't show anything strange whatsover

asked 2010-01-07

Michel Vermeer

4 answers

2

This usually happens when the same user logs in on a different browser or computer; this kills the old session with an 'Invalid session' message.

answered 2010-01-07

Robert van 't Hof

1

Yeah this I know but I've witnessed multiple logouts by users that were actively using the application.

The log only shows that the X-as is reusing the old session but doesn't explain to us why...

answered 2010-01-08

Michel Vermeer

0

New things have to light; the problem is 'IE 8 only'.....

answered 2010-01-08

Michel Vermeer

Michel Weststrate · Accepted Answer · 2010-01-08

All sessions will expire after an certain amount of time, this is hard-coded in the XAS. However, as long as the user is active in the browser, keep-alive requests will be send.

Note that SSO does not influence the session behavior of the XAS, it only replaces the login process.