on 06-15-2004 12:21 PM
Hi All,
As the restriction of EP that do not have the configuration to set portal timeout, i would like to implement this feature by using the other component such as feature of j2ee or IIS. So now i do not know how to set it and whether it work or not.
Please suggest me or if you have the another solution to implement it.
Thanks in advance.
Pongsak
Hi,
Did you get solution to this problem?
I have similar requirement.
Regards,
Apurva
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Apurva,
Pls refer this link http://wiki.sdn.sap.com/wiki/x/XglLAQ for portal time out solutions.
In our portal, its working fine with known limitation that it considers only portal navigational events to determine user status whether active or not.
Regards,
Zaid
Hi Apurva,
Unfortunately there is no standard way to configure a timout due to
inactivity or idleness in the portal.
Logoff from the portal is based on the ticket session, configured using
the login.ticket_lifetime. It is not related to the http session, the
security session or the J2EE connectors. The ticket always has a fixed
lifetime and does not expire due to user inactivity and a user session
will not time out due to inactivity.
If you want to adjust the expiration time of the SAPlogon ticket, set
the "Lifetime of SAP Logon Ticket (hh:mm)" in "Security settings" at;
System Administration >
System Configuration >
UM Configuration
Note: The cookie will eventually expire after this time setting, even if
the user is not idle. The user has to renew the ticket after expiry.
This is the way Web based applications manages sessions.
Regards
shrikant
Hi Pongsak,
you can use following Link for the Same Requirement :
Regards,
Ashish
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Pongsak,
Try to use this in xml file and refresh the portal and see
change <session-timeout> to 10 in WEB-INF\web.xml
award points if helpful.
Thanks,
Regards
Vijai
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Just so we're all square on a few details...
Expiring the ticket is a hard limit - doesn't matter whether the user is active or not.
Expiring the session ID simply flushes the user context and allows the JVM to clear that memory held by the session sooner (or more frequently) - this does not log the user out - when they access EP again they will simply get another jsessionID (the ID acutally comes from the engine not EP)
Any functionality to provide auto-logoff or expire inactive users needs a solution like the proposed jsp ones - though I would expect adding this to the framework page itself would work and you could avoid having to add it to every iView.
Search through the forums as this topic has been discussed before and several interesting solutions have been proposed.
Nick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nicholas,
I tried the framework page and found that my event didn't get refreshed all the time since the page only gets reloaded when a full portal page load happens which is not always when navigating from one screen to another...right?
I tried catching mouse events or others when I placed it in the framework page but it seemed it was only catching events when moving my mouse within that area which wasn't helpful.
The only alternative I found (which I didn't end up implementing) was adding it to the framework page and adding a counter which counts down, then adding a reset button with it so the user sees how long they have left and have the opportunity to reset it. I saw this solution in a completely different environment years ago but in the end didn't opt for it.
If you ever find out how to get this to work in the framework page let me know, that would be much better.
Thanks,
Johnny
Hi
We can add this iview to the desktop innerpage included in framework page rather than Framework page directly. In this way we need not include the iview in all the pages separately since it will be applicable to the portal in general. The fullpath for adding this is:
Content Admin -> portal content-> portal users -> standard portal users -> default framework page -> desktop innerpage.
i have done this and it is working for me.
Thanks & regards,
Anupreet
Hi All,
Here is how we approached it:
We wanted our timeout to be based on user inactivity, not duration of the portal session.
We wrote a par file which was placed in an iview.
This iview in turn is added to every portal page. The size of the iview is 1px by 1px so the user doesn't see it.
When the timeout occurs, the javascript in the par file triggers the call of a popup page which simulates the logout functionality of the portal. So basically the user is presented with a logout popup and inactivity warning message.
They have then the opportunity to react or after 90 seconds the portal logs off automatically.
This solution may not be perfect because you need to add the iView to every page but it allowed us to deliver the functionality we needed.
Hope this helps.
Johnny
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Here it is:
I have a par file with 2 JSP files. A Timer.jsp and a popup.jsp. The timer uses a the javascript to count down and will call the warning popup. The popup uses a timer as well but to then log off from the portal.
Timer.jsp
<SCRIPT language="JavaScript">
var tid;
function logoffonTimeout () {
// alert("logging off");
window.parent.logoff();
}
function warning () {
var win = top.window.open("/irj/servlet/prt/portal/prtroot/com.bi.hr.selfservices.timeout.popup","Timeout",'width=300,height=200,top=200,left=200');
resetTimer(win);
}
function timer(action, time) {
window.time = time;
window.action = action;
if (tid)
window.clearTimeout(tid);
tid = window.setTimeout(action, time);
}
function resetTimer(timeoutWindow){
if (timeoutWindow && timeoutWindow.open)
setTimeout('resetTimer()', 1800000);
else
warning();
}
timer('warning();', 1800000);
</SCRIPT>
<body>
</body>
popup.jsp
<%@ page import = "java.util.ResourceBundle" %>
<%@ page import = "com.sapportals.portal.prt.component.*" %>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8"><link REL=STYLESHEET HREF="/irj/portalapps/com.sap.portal.themes.lafservice/themes/portal/sap_standard/ctrl/ctrl_nn6.css?6.0.2.10.0" TYPE="text/css" >
<script>
// start timer to close the window
setTimeout("continueLogoff()", '30000');
function cancelClose(){
clearTimeout();
window.close();
}
function continueLogoff(){
opener.logoff();
window.close();
}
</script>
<table border="0" cellspacing="5" cellpadding="0">
<tr>
<td class="ctrlMsgBarImgWarning"> </td>
<td class="ctrlTxtStd">You have been inactive for a long perriod.</td>
</tr>
<tr>
<td> </td>
<td class="ctrlTxtStd">Your session will be closed.</td>
</tr>
<tr>
<td> </td>
<td class="ctrlTxtStd">Do you want to continue?</td>
</tr>
<tr>
<td colspan="2" height="10"> </td>
</tr>
<tr>
<td align="left" nowrap colspan="2">
<a href="#" class="ctrlBtnEmph" onclick="continueLogoff();return false;" title="Log Off">Log Off</a>
<a href="#" class="ctrlBtnStd" onclick="cancelClose();return false;" title="Continue with Session">Continue with Session</a> 
</td>
</tr>
</table>
Here is the portal.xml file
<?xml version="1.0" encoding="UTF-8"?>
<application>
<application-config/>
<components>
<component name="Timeout">
<component-config>
<property name="ComponentType" value="jspnative"/>
<property name="JSP" value="pagelet/Timer.jsp"/>
<property name="SecurityZone" value="Timer/no_safety"/>
</component-config>
<component-profile>
<property name="timeout" value="3000">
<property name="personalization" value="dialog">
</property>
</property>
</component-profile>
</component>
<component name="popup">
<component-config>
<property name="ComponentType" value="jspnative"/>
<property name="JSP" value="pagelet/popup.jsp"/>
<property name="SecurityZone" value="popup/no_safety"/>
</component-config>
<component-config/>
</component>
<component name="timeoutRequest">
<component-config>
<property name="ClassName" value="timeoutRequest"/>
<property name="SecurityZone" value="timeoutRequest/low_safety"/>
</component-config>
<component-profile/>
</component>
</components>
<services/>
</application>
Hi
There is one issue with this. Even if the user is working on the portal, still the warning popup appears after the specified time period.
Though what i require is warning popup to appear only if the portal is inactive for some time. Can anyone please help in this regard?
Thanks & regards,
Anupreet
Hello,
I have the same doubt: how to log off inactive users after a specific time. I took a look in the SDN documentation, as well as in the SAP Help - so far I couldn't find any clear document or help about how to implement this feature.
Tks in advance, and rgds.
Fernando Cervantes
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We are also very interested in session timeouts.
Ideally, this would be in the form of an idle timeout setting that we would synchronize with an SAP backend system. If this type of portal 6.0 timeout is not available at this time, our next choice is session expiration after a certain amount of elapsed time.
Are either of these options available in EP 6.0 SP2 P4? How do we alter the portal session timeout parameter?
Thanks very much for your kind assistance,
Margaret.
Hello-
You can set the session timeout of the portal in EP6 SP2 by going to System Administration --> System Configuration --> UM Configuration --> Security Settings.
Here you will find the Lifetime of the SAP Logon Ticket. If this would expire on a user, the next time he/she would click on a link they would be informed their ticket has expired and please login again.
Your backend sessions would be handled automatically by the systems themselves.
The other option would be to put some Javascript code in the default framework page that would call the portal logout function after a certain amount of time. (This would also handle a backend system logout if the SAP transaction was visible and you had DSM termination enabled because the portal frame would change).
Hello Dagfinn
After changing sap logon ticket it worked, but not in the way I thought. Setting both session timeout and sap logon ticket to 30 min provoked an automatic log off of the user, even if the user was active. I thought it would log off the user only after 30 min of inactivity.
This can be useful to log off users who closed the browser without closing the session, but not for handle the inactivity issue.
Anyway, thanks for your help !
Rgds,
Fernando
As Marty wrote, "The other option would be to put some Javascript code in the default framework page that would call the portal logout function after a certain amount of time."
This is a custom solution, but some customers have done it. Because HTTP is a stateless protocol they do not detect mouse movement and so on. But if there hasn't been a round trip to the server since the timeout period, it raises a dialog that gives the user 60 seconds to confirm before it forces a logoff.
What would you like to timeout, the log-in, the authentication, the session? Please provide more detail.
Nick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I don't have any idea what the log-in, the authentication, and the session timeout are.
But what I would like to have is Idle time out. It is when the user logs on to the portal and he stays idle(not even move a mouse) for a period of time, the Portal should be able to automatically log this user off.
Best Regards
User | Count |
---|---|
93 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.