Support Article
Session timeout login challenge appears as section not pop up
SA-3489
Summary
Using LDAP authentication, when a user session timeout, the login challenge is not showing as pop up as that when using PRServlet. It will show a login page but as the section that is to be loaded. For example: when a user session timeout and the user tries to do a work object search on case manager portal, the section where the search result are normally displayed would now show a login form. The expected behavior is for the login challenge to show as a pop up.
Error Messages
No error message. Observed an undesired behavior where the login challenge is showing as a section rather than a pop up.
Steps to Reproduce
Setup an operator id that uses LDAP authentication, setup the the session timeout in the access group.
Logs in, open a case manager portal and wait until the session timeout.
Search for a work object.
Observed the login form showing up in the section where the search result is supposed to be listed.
Root Cause
In LDAP authentication service custom tab, under "Timeout Options" there is an option to use basic authentication or to use a challenge stream and redirect URL. The login form showing up as a section instead of a pop up is because the "Use basic authentication for timeout" was not checked.
Resolution
The explanation for this behavior is as follows: to enable the pop up timeout challenge, the "Use basic authentication for timeout" needs to be enabled. However this also means you will not be able to use the redirect URL function. If the redirect URL is required, then a possible approach is to use a custom challenge stream that has a pop up with a login form. This login form needs to be accessible from unauthentacated requestors.
Published January 31, 2016 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.