cancel
Showing results for 
Search instead for 
Did you mean: 

[BUG]SCN Login, please fix already

Jelena
Active Contributor

This has been working [not] the same way since go-live. When I open SCN for the first time, I'm prompted for the certificate but then the page does not show me as logged in and I cannot do anything but browse. However, if I navigate to another page, I'm logged in.

Later in the date, the opposite usually happens - I can see my picture when I open SCN but as soon as I click Notifications it says I'm not logged in.

Related question: https://answers.sap.com/questions/101002/terrible-login-experience.html

It's been months already, could someone please fix this? I use SAP Passport with S-user in Chrome and I have no such issues on any other SAP sites (e.g. Support portal or Jam).

UPDATE: since the last update the certificate is not picked up automatically at all anymore. I have to click on the login (blank avatar) button explicitly every single time I open SCN. Only then I get the certificate prompt. If I close the browser, I have to login again the same way.

jerryjanda
Community Manager
Community Manager
0 Kudos

Sorry for missing this one. I'm going to see if there is any new info to report here.

Jelena
Active Contributor

CC oliver , sebastian.wolf - how is this for "steps to reproduce"? It's been almost a year, no answers.

Even though I don't use a certificate currently, it still works the same way. In the morning, I have to click Login button. It picks up my ID/password as stored in browser and logs me in. Not sure why it can't just do this by default but fine.

Come lunch time, the home page shows that I'm logged in but if I try to navigate elsewhere in another tab then I'm not actually logged in there. This could also happen at random if I leave the browser open and just step away for some time.

I suspect the same issue is causing the "smug people" screen when trying to access Notifications, as described here. I'm not an expert here but it seems that there is either some kind of timeout that logs you out sneakily without letting you know or SCN just somehow can't hold on to your login when you use multiple tabs (which is what most people do in modern browsers).

Thank you.

jerryjanda
Community Manager
Community Manager
0 Kudos

Hi, Jelena:

I believe both Oliver and Sebastian are still on holiday, but per our twitter exchange, I have reached out to IT colleagues. Either they or I will respond as soon as there's more info.

Just wanted you to know that we're looking into it (and that Oliver and Sebastian aren't ignoring your comment).

--Jerry

sebastian_wolf
Active Participant

We currently apply a session time-out of 8 hours. However, these 8 hours apply per service, so you might have a different auto logout time for Blogs, Answers, Notifications etc. as they are separate systems. In an ideal world, these sessions would be synchronized, even if they are owned by technically completely independent systems as it is the case here. In addition, especially Answers has quite some troubles with its session management. We've been in contact with the vendor for a while now and it seems that we will see improvements this year - finally. Moreover, there are some additional aspects, e.g. with SAP ID Service, which are also part of the problem and of course the solution.

I know that we are responsible for this situation as we operate the SAP Community. And of course, I really know the pain as well - we face the same issues here during testing. But where I also need to be very honest is to tell you that due to the inherent complexity of the issues with session management on a platform that is no longer monolithic, but consists of several micro-services, a blogs platform based on WordPress and a Q&A solution based on AnswerHub, we haven't spent the huge amount of time and resources yet to finally get rid of the problems here. Like always in any industry when it comes to finding the balance between fixing bugs and developing new features with scarce resources, you need to commit to one thing while you postpone the other.

For the SAP Community, the impression of our team has been until now that a re-login in certain situations is something we could tolerate a little longer while we focus on more critical bugs and especially more critical new features - for the benefit of everybody. This of course doesn't mean that we ignore such problems completely - not even close... We will continue analyzing this issue and your reports definitely help us in fixing the issues. So thank you very much again for the details!

Jelena
Active Contributor

It always happens to me within less than 8 hours somehow. But even if, say, 8 hours passed and I was auto logged off automatically then why does SCN keep showing me as if I'm logged in? This happens right after I start browser, so it's not like I've been sitting there the whole day, keeping a tab open. I'm having trouble understanding the reason for this.

This part that is a source of constant frustration for me. I open an SCN page that shows me as logged in. Then either I get an error when clicking Notifications or worse, open a bunch of tabs with questions just to find out a second later I'm not actually logged in and now have to login manually to post anything. Which also loses the question I was in and shows me the last opened tab instead - browser functionality, I know, but this just piles up.

former_member186338
Active Contributor

Why do we need 8 hours timeout for Q&A, Notifications, Blogs etc...? Can be 30 days 🙂 It will not solve the synchronization issue but it will happen not so often!

sebastian_wolf
Active Participant

As mentioned, we are having session issues especially with Answers. The symptoms which you are describing (e.g. logout under the given session timeout) are most certainly related to the bugs which we've reported long ago and which are supposed to be fixed with the upcoming major update of our AnswerHub platform.

So, I'm really sorry for the constant frustration in this area. We will keep on pushing our vendor for a solution.

sebastian_wolf
Active Participant
0 Kudos

The 8 hours are set by the SAP ID Service which we also use for authentication. Several aspects were taken into account when our colleagues defined that timeframe, but basically it comes down to a reasonable balance between security and user friendliness considerations. As you have a single logon not only for SAP Community, but also for other, more delicate services, they chose that timeout of a normal working day...

former_member186338
Active Contributor

Sorry, but from your previous posts I can see that timeout is set independently for different services!

8 hours for Q&A forum???? Super security??? To my mind it's absence of common sense!

sebastian_wolf
Active Participant
0 Kudos

I'm sorry for the misunderstandings here. So let me try to be a little bit more precise. 8 hours are given by SAP ID Service, starting from the time when you perform the first logon. The system which triggered the logon establishes its own session at the exact same time (could be your Profile, Blogs, Q&A, Support Portal etc.). At a later point in time (maybe of a period of inactivity) you move to another service and as you still have a session with SAP ID Service, this particular service also establishes a session with 8 hours validity. As time may have passed in the meantime, the original service has - of course - a shorter remaining, internal session lifetime. This is simply due to the fact that we don't have proper means to synchronize the _internal_ sessions in our heterogeneous landscape _yet_. Of course, we could define a different internal session lifetime for each of the services than the one which is used for SAP ID Service, but we agreed that it's the best option for now to apply the same lifetime for all services for consistency reasons. If we did it differently, it could cause other issues...

former_member186338
Active Contributor

That’s exactly my point: different services require different security level! 8 hours for Community related services looks absolutely ridiculous. “Consistency reasons” is a strange argument, you are actually using the most restrictive time period for the services that do not require it.

P.S. May be next time some SAP service will require fingerprint to login - then we have to provide fingerprints to participate in the Community???

sebastian_wolf
Active Participant
0 Kudos

There are simply different opinions on this topic. Some people argued exactly as you did, some favored the consistency argument. Each side has positive and negative aspects and in the end somebody needed to make a decision. The decision was done in favor of the consistency argument...

former_member186338
Active Contributor

I understand how this decision was made but the result of the decisions like this is that people are leaving Community. Each day I am receiving number of “logged out” alerts and it’s frustrating.

waldo
Contributor
0 Kudos
"We will keep on pushing our vendor for a solution."

No comments.

Last SCN community runs on Jive. It hurt when SDN community moved to SCN's Jive platform, but it worked fine at least!

Which "vendor" do we have now? 0_o

sebastian_wolf
Active Participant
0 Kudos

Well, we had other issues with Jive. For example https://blogs.sap.com/2016/05/16/fr13-post-mortem/ - just to mention one.

Our Q&A solution is based on AnswerHub.

Accepted Solutions (0)

Answers (0)