Forum Discussion

keithkelly's avatar
keithkelly
Leader
2 years ago

Session Timeout Behavior - Possible to get new session automatically?

Problem:  When a user's Khoros session times out & they click a link (say, in from email that takes them to a discussion), they get a blank page. 

Hack:  Click the "Person" icon up top-right and you'll get a new session.

BUT:  When a user is completely logged out (Profile Icon -> Logout), & they click a link to a discussion, they are automatically logged in via SSO and taken to that link.

QUESTION:  Can the timeout behavior also automatically get a new session & take them to the right place?

 

  • EricJ's avatar
    EricJ
    Khoros Staff
    2 years ago

    Hi keithkelly ,
    What you're asking for sounds a bit like either auto-signin or the bounce SSO feature.

    I ran a couple tests with incognito windows and with manually cleared Community cookies to try and reproduce that behavior in a test Community.
    In all cases when I attempted to access a resource that my anonymous user shouldn't be able to access I was redirected to the configured sign-in service url with the query parameter redirectreason=permissiondenied.

    Caveat there is that I haven't yet tested by letting my session time out. Clock ticking there.

    I'm curious if something may be erroring to result in your being directed to a blank page. When a given user doesn't have permissions for a closed area of a Community and attempts to navigate there, they should be redirected to the sign in path.

    Is the URL for the blank page the user lands on the requested page or some other Community hosted page?

    Can you please say more about the permissions you have in place for the Community resources you've been testing against?