File System Target "lockout" issue after session expiration and re-login

book

Article ID: 159955

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

The File System Target gets locked in Discover Target module, when Vontu logs out the user automatically (session expiry) because of time out (system inactivity).

Resolution

Relevant versions:  ALL

STEPS TO REPRODUCE

  1. Go to Discover Target and choose a File System Target to edit.
  2. Let the system remain idle for some time and allow the session to expire, until Vontu logs off the user automatically based on Time Out (system inactivity) threshold.
  3. Logon to Vontu once again.
  4. Try to edit the same File System Target. Vontu prevents the user from editing it, giving an error message "File system target is locked by another user".

In a web application, the backend does not know what the front end (browser) is doing. So unless there is communication back from the browser to the server, for example, during closing the browser, the backend does not know if the user is still in process of editing the policy or any other data through the UI.

What happens in this scenario is that the system gets out of sync due to two different timeout directives.  There is a timeout value for the UI controlling automatic logoff and there is a timeout setting for the Discover File System. Normally these are the same.  If one of these two directives are changed, then the Discover on the one hand will think it is still in a locked state, but the browser will log you out due to the inactive-browser timeout setting.

Workaround

1. Logout of Vontu and close the Browser.
2. Reopen the browser and launch Vontu application once again.
3. File System Target is unlocked.