search cancel

SAML - User taken to Error URL when their clarity session times out

book

Article ID: 254149

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

On the timeout of a clarity application session (Clarity session idle timeout in System Options), when the user clicks on a link in clarity they are taken to the Error URL.

The expected behavior is that the user should be taken to the IDP URL to re-authenticate.

Environment

Release : 16.0.3

Cause

This is the default behavior, but can be changed by editing the properties.xml file.

Resolution

In the <clarity home>/config/properties.xml file, there should be an <sso> entry.

It should look something like this:

<sso tokenName="AUTH_TOKEN" tokenType="cookie" logoutURL="http://www.ca.com" errorURL="http://www.ca.com" keyHash=""/>

 

You can add an attribute in that tag:

timeoutURL="your IDP URL"

Here you can put in the IDP URL to authenticate the user.  

After making this change, a restart of the app services is required.