Our client is experiencing logout issues when using Perceptive apps on their iPad.
The link to the Perceptive app is passing through a DMZ, and upon initial login, the users are able to navigate the apps on the iPad without issue. But when a new session is started on their desktop, they are logged out of their current session on the iPad. After the users log back in, there are 2 consistent behaviors: (1) the iPad log constantly force-closes the session on the desktop or (2) there is a back and forth between the desktop and iPad sessions.
We’re unsure of how, or if, SSO is playing a part in this, or if we’ve missed a setting that will enable both sessions to stay open for as long as the timeout setting allows. We have attempted to use this solution (IV96586), but have not seen improvement.
When one SSO session is opened, it will log out the user from any other locations. I would ask users to stick with one device and avoid using multiple devices. If they need to use the apps and their desktops simultaneously, then you should provide them with a link to the UX apps for their desktops.
[Admin: This post is related to the 06.10.17 post about the UX session timeout on the iPad. To see other related posts, use the Timeout tag.]
We turned on the SSO in our environment. (1) If we want to connect to one of the forms on our system, it shows us that we need to login first. (2) But if I use the link in the email notification that TRIRIGA sent out, it will login and open directly. What’s the difference between these two methods? Is there a way to open a form directly without login?
Because the URL that is being used is an “anchor” (it uses the # character to define the parameter), it isn’t possible to use that in an SSO environment. So you need to determine what the underlying WebProcess.srv call is to that form. For example…
[Admin: To see other related posts, use the SSO tag.]
I am trying to configure SSO with WebSphere Liberty (on RHEL 6.8 and TRIRIGA 10.5.0/3.5.0) with Active Directory. Once configured, I get the Windows authentication popup. It accepts my domain credentials, but instead of taking me inside the application, it takes me to the login page, where I have to input my local TRIRIGA profile login details. Can someone help me with this?
[Admin: To see other related posts, use the Active Directory tag or SSO tag.]
I have set up single sign-on (SSO) with SiteMinder and Liberty, and both seem to be working fine. However, after login, when I attempt to access BIRT reports, I get the following in the DevTools security window:
Mixed Content: The page at 'https://hostname/html/en/default/platform/mainpage/mainpage.jsp' was loaded over HTTPS, but requested an insecure resource 'http://hostname/birt/frameset?_docId=2816263&_la…tem__triPaymentLineItem_-_Report_-_Future_Rent_Obligation_Detail.rptdesign'. This request has been blocked; the content must be served over HTTPS.
Similarly, when I attempt to open a record and navigate the tabs, I get the following:
Mixed Content: The page at 'https://hostname/WebProcess.srv?objectId=750000&…TypeId=10002490&action=Edit&managerType=query&altGuiListId=-1&inline=false' was loaded over HTTPS, but requested an insecure form action 'http://hostname/WebProcess.srv?objectId=880000&a…false&undeletable=false&requiredNotSet=0&requiredTabList=&requiredField=-1'. This request has been blocked; the content must be served over HTTPS.
In the first case, the report never displays, and in the second case, the record appears to entirely hang. Have any of you seen this before? Any ideas how to fix it?
[Admin: This post is related to the 08.20.15 post about getting a mixed content security error with Esri ArcGIS, and the 06.18.15 post about GIS mixed content messages. To see other related posts, use the SiteMinder tag or SSO tag.]
Open CAD Integrator (CI) and attach a simple drawing to TRIRIGA 3.5.2. From CI, edit a space (it opens a browser session). From CI, launch a portal (it opens as a new tab next to the first space). From CI, edit a different space, then another one. Move from one TRIRIGA session to the next making a change to the name. For the main TRIRIGA page, just change tabs or open something else.
Initially, all seems well. But after a couple minutes, you will get this message on each tab or session as you return to them: “Sign In Required. Sorry, your session has either timed out or is no longer active. For security reasons you have been redirected to this page. Please sign in again to continue.” Then when you log back in, you are taken to the home page. Initially, it seemed that as long as one of the tabs remains open, you can open multiple TRIRIGA sessions from CAD Integrator. That does not appear to be the case. And the issue of most concern to Apple.
An issue was identified with SSO configurations and opening records via CI. Moving forward, an issue was resolved that would cause user sessions to time out after 3 minutes of inactivity, if the session was initiated by a CAD Integrator request.
[Admin: This APAR IV94643 is duplicated by APAR IV94555.]