Users being kicked out of session unexpectedly
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2016 09:47 PM
Hi folks,
Just wondering if anyone ever experienced logging out from an active session unexpectedly in ServiceNow, I have received a few clients who have occasionally been kicked out from session within glide.ui.session_timeout time frame (240 minutes)
One user has been logged out within 10 minutes unexpectedly, and another had the same issue within an hour. This issue trends to occur more frequently on Internet Explorer v11 although this also occurs to other browsers. Most of the times, the sessions are reliable but it does happen from time to time.
The users reporting this issue are in the same network as I am, despite it happens to me very rarely in Firefox / Chrome.
Referring to https://community.servicenow.com/thread/162754 it reads, "It seems now that this was caused by the property "glide.ui.rotate_sessions" that was set to TRUE as part of the High Security Plugin. We changed this to false last week and have not heard this issue reported since then."
I am not sure what ripple affects this might imply if disabled, but would like to get your advice on how to troubleshoot this issue.
Any advice would be appreciated.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2016 10:16 PM
Hi George,
You might get more insight into the issue if you turn on SAML debugging and check script logs and or deploy fiddler or similar in your browser.
As the issue is intermittent you might need some luck as well.
Best Regards
Tony
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2016 03:06 PM
Hi Tony
Thanks for your advice, I have got the SAML plug-in in my Firefox and Chrome, and are learning how to use it to check the logs. I hope I can leverage this extension.
Kind regards,
George
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2016 10:57 PM
Hi George,
There is some guidance on setting glide.ui.rotate_sessions here which is relevant to your post.
High Security Settings properties
glide.ui.rotate_sessions | Rotate HTTP session identifiers to reduce security vulnerabilities. See:http://www.owasp.org/index.php/Session_Management#Rotate_Session_Identifiers. Default: Yes If you are using the SAML 2.0 plugin for Single Sign-on authentication, set this feature to false. Otherwise, it interferes with the session information sharing that takes place between the instance and the Identity Provider. |
Best Regards
Tony
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2016 06:33 PM
Thanks Tony, I will probably need to digging into this article for further learning about what this properties would affect the sessions.
Your advice is much appreciated.
Kind regards,
George