Siebel CRM Siebel Security Guide
Siebel Innovation Pack 2017, Rev. A
E24814-01

Configuring the Session Timeout

You can configure an expiration period for a Siebel session by setting a session timeout value in Siebel Business Applications and in many Web SSO authentication service providers. The timeout values must be the same for both applications. If you configure a timeout value for your Siebel application that is shorter than the one you configure for your Web SSO authentication service, users can re-establish their Siebel session after it times out without providing login credentials, because the Web SSO session is still valid.

The procedures in this topic describe how to configure the session timeout. To make sure that users must re-authenticate after the timeout limit is reached, you must also configure the same timeout value for your Web SSO authentication service. For information on the Siebel Active Session Timeout Value (in seconds) parameter, see "About the Active Session Timeout Value Parameter".

Configuring the Session Timeout

To configure the session timeout for your Siebel application and for the Web SSO authentication service, perform the steps in the following procedure.

To configure the session timeout  

  1. To configure the session timeout for the Siebel application:

    1. Navigate to the application interface configuration located in the AI_ROOT\BIN directory.

    2. Set the value of the Active Session Timeout Value parameter as required.

    3. Restart the Siebel Web server.

  2. To configure the session timeout for the Web SSO authentication service, follow your Web SSO vendor's procedure for setting session timeout values. Specify the following values:

    1. Change the value of the Maximum user session time (seconds) field.

      Set this value to be just longer than the session timeout value you specified for the Siebel application.

    2. Change the value of the Idle session time (seconds) field.

      Set this value to be the same as the value you set for the Siebel application.
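The following added example (not part of the Siebel documentation or product) models why the values must line up: it checks three timeout values against the rules above and replays a constructed request timeline to show where a user is prompted for credentials and where the Siebel session is re-established without a prompt. The class, function and outcome names are hypothetical, and the model assumes that the Web SSO idle timer resets on every request and that the maximum user session time counts from the last login.

```python
from dataclasses import dataclass

@dataclass
class Timeouts:
    siebel_idle: int  # Siebel Active Session Timeout Value (seconds)
    sso_idle: int     # Web SSO "Idle session time (seconds)"
    sso_max: int      # Web SSO "Maximum user session time (seconds)"

def check(cfg):
    """Compare the three values against the rules in the procedure above."""
    findings = []
    if cfg.sso_idle != cfg.siebel_idle:
        findings.append("SSO idle session time differs from the Siebel timeout")
    if cfg.sso_max <= cfg.siebel_idle:
        findings.append("SSO maximum session time is not longer than the Siebel timeout")
    return findings

def replay(cfg, request_times):
    """Return 'login', 'ok' or 'silent-reauth' for each request time (seconds)."""
    outcomes = []
    sso_start = sso_last = siebel_last = None
    for t in request_times:
        # Assumed model: a session is alive while both of its timers are unexpired.
        sso_alive = (sso_start is not None
                     and t - sso_last < cfg.sso_idle
                     and t - sso_start < cfg.sso_max)
        siebel_alive = siebel_last is not None and t - siebel_last < cfg.siebel_idle
        if not sso_alive:
            outcomes.append("login")          # credentials are requested
            sso_start = t
        elif not siebel_alive:
            outcomes.append("silent-reauth")  # Siebel session rebuilt, no prompt
        else:
            outcomes.append("ok")
        sso_last = siebel_last = t
    return outcomes

# Constructed sample: requests at these seconds, with a 301-second idle gap.
TIMELINE = [0, 120, 421, 500]
MISMATCHED = Timeouts(siebel_idle=300, sso_idle=900, sso_max=3600)
ALIGNED = Timeouts(siebel_idle=300, sso_idle=300, sso_max=310)

if __name__ == "__main__":
    for name, cfg in (("mismatched", MISMATCHED), ("aligned", ALIGNED)):
        print(name, check(cfg), replay(cfg, TIMELINE))
```

With the mismatched values, the request after the idle gap is served without a credential prompt; with the aligned values, the same request produces a login.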

Testing the Web Single Sign-On Session Timeout Configuration

After configuring the session timeout values for your Siebel application and Web SSO authentication service, verify that the session timeout values work correctly by performing the steps in the following procedure.

To test the Web SSO session timeout configuration  

  1. Configure the Web SSO session timeout to be five minutes and restart the Web servers.

  2. Open a Web browser and access the Web server's main page (http://hostname).

    The main page is displayed; user authentication should not be required.

  3. Access the Siebel URL for the Web server from the same browser used in Step 2.

    Basic authentication should be required.

  4. Enter valid Siebel user credentials.

    The Siebel application should be displayed.

  5. Leave the browser window open and idle for more than five minutes.

  6. Refresh the browser window using the Refresh button.

    You should be prompted to enter user credentials.

  7. Enter valid Siebel user credentials.

    The Siebel application should be displayed.

  8. Repeat Steps 2 to 5 for the Web server you have implemented.

For information about Federated or Security Assertion Markup Language-based SSO, see "About Implementing Federated Single Sign-On".