- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2014 06:48 AM
Hi all
we just implemented SSO to ServiceNow through SiteMinder. The system requires the users to first login to an internal portal (the login happens generally automatically through Windows authentication) and then click on a link to SiteMinder.
Now many of our non-Admin users have this problem that their session times out after 5 minutes. Trying to weed out any ServiceNow-side causes to this we added the parameters "glide.home.refresh_disabled" (set to false) and "glide.ui.session_timeout" (set to 30) but these do not seem to have any effect on the time-out.
Our security folks tell us that SiteMinder does not have any control over the session beyond authentication.
Admittedly this may not be a time-out per se, but right now we don't have many ideas on how to solve this.
Does ServiceNow have a requirement of any kind of a keep-alive message being passed from the browser every so often?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-17-2014 10:15 AM
Thank you David.
It seems now that this was caused by the property "glide.ui.rotate_sessions" that was set to TRUE as part of the High Security Plugin.
We changed this to false last week and have not heard this issue reported since then.
In case anyone is interested, this property is mentioned here:
SAML 2.0 Web Browser SSO Profile - ServiceNow Wiki
and
High Security Settings - ServiceNow Wiki
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2014 06:57 AM
Hi,
Do you have the SSO or SSO update 1 plugin?
I experienced the issue with one of my customer and the SSO update 1 plugin did apparently resolve the issue
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2014 07:46 AM
Hi David
thank you for that tip. I checked the list of plugins in our environment and do not see that in the list. Should all plugins be visible in that list?
Anyway I have opened a request with Hi to install this plugin just to make sure we have it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2014 08:01 AM
It's a plugin we have to ask for
Be sure to ask on dev environment before because you might have some configuration modification to perform
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2014 08:59 AM
Hi David
sorry I should have mentioned this earlier but I was under the impression that we had requested that plugin to be activated like 6 months ago. I called SN support and they checked that it is active in our system.
Also they explained that this plugin is not displayed in the Plugins list by default. Its existence can be confirmed as follows:
1. in the search filter (left-side pane) type: sys_plugins_list.do
(the sys plugins list is displayed in the right-side pane)
2. in this list, search for an entry where source is "com.snc.integration.sso.saml20.update1"
Thank you for your help, although now it seems that this is caused by something else than the lack of that plugin.
