Skip to Content
author's profile photo Former Member
Former Member

SSO login.ticket_lifetime value...Please guide

Hello All,

Am working on ESS/MSS and facing an issue with SSO

Only one user is getting an error saying "RFC_ERROR_LOGON_FAILURE_System received an expired SSO ticket".

I have gone through almost all the relevant SAP Notes & previous SDN posts and have following questions:

1. Default value is 8. Are there any implications if I change this to 100?

2. I do understand that this error is related to JCo but then why is this only to one user?

3. In my scenario wherein a couple of test userids are being shared amongst the consultants here...what is the value thats recommmended..

Awaiting Reply.

Thanks and Warm Regards,

Ritu

Add a comment
10|10000 characters needed characters exceeded

Related questions

2 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Sep 10, 2007 at 08:02 AM

    Check the system time of the workstation from where the user is logging in. We had this problem when the system time from the client was wrong.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Is it a Windows machine? Double click on the clock in the below right corner. I mean the system time of the os.

      If your system time from the client is for example sept 9th 14:43 and the SAP server is sept 10th 14:43 your ticket lifetime is exceeded and the ticket will not be marked as valid. Make sure the time is equal on all systems.

      Please consider rewarding points if this is of any help to you.

  • Posted on Sep 10, 2007 at 01:07 PM

    Hi Ritu,

    The reason it is happening is that the JCo connection is reusing an old connection, without updating the saplogonticket within it. So when SAP receives the saplogonticket, it has expired.

    So, how to fix it:

    1) Set your login.ticket.lifetime to be the same as sessionexpirationperiod in the security provider. Sessionexpirationperiod sets how long a session can remain on the J2EE engine. ie. This contributes to how long any sessions that have JCo conenctions which can be re-used.

    2) There is an option within the system defined in the portal to validate the connection. I have found that this helps a lot.

    I hope that helps

    Paul

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.