Oracle Analytics Cloud and Server

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

Users are trying to view the reports but they are getting "Error 401 – Unauthorized”

Received Response
42
Views
3
Comments
User_CGBX8
User_CGBX8 Rank 2 - Community Beginner

When a user leave an analytics page idle for about 30mins user gets Error 401 – Unauthorized instead of logging out this issue occurs intermittently when user leave the page idle for say about 30mins SSO used is Kerberos.

Any inputs would be appreciated thank you

Answers

  • Selvam Muthiah-Oracle
    Selvam Muthiah-Oracle Rank 3 - Community Apprentice

    The following setting was changed on SAML Configuration settings : from support Document

    <ns2:Conditions NotBefore="<time_1>" NotOnOrAfter="<time_2>">

    <ns2:AudienceRestriction>

    <ns2:Audience>https://<idcs_domain>.identity.oraclecloud.com/fed</ns2:Audience>

    </ns2:AudienceRestriction>

    </ns2:Conditions>

    Modified To

    <ns2:AuthnStatement AuthnInstant="<time_3>" SessionIndex="<index>">

    <ns2:AuthnContext>

    <ns2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns2:AuthnContextClassRef>

    </ns2:AuthnContext>

    </ns2:AuthnStatement>

     

    Notice that NotBefore="<time_1>" NotOnOrAfter="<time_2>" is not present in the modified setting. This SAML AuthenStatement optional parameter was somehow causing the JSESSIONID to keep changing on OAC side when the time out was reached

  • User_CGBX8
    User_CGBX8 Rank 2 - Community Beginner

    @Selvam Muthiah-Oracle Thank you for the response. Will check this.

  • User_CGBX8
    User_CGBX8 Rank 2 - Community Beginner

    @ User_CGBX8 SAML is not used here instead MSAD Kerberos SSO is used.

    Can you please check what configurations can be checked