Oracle Analytics Cloud and Server

Home Oracle Analytics Oracle Analytics Forums Oracle Analytics Cloud and Server Oracle Analytics Cloud and Server

Categories

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

OAS SAML SSO re-establish session

Accepted answer
103
Views
7
Comments
Rav Singh
Rav Singh Rank 4 - Community Specialist
in Oracle Analytics Cloud and Server

We have SAML SSO solution to authenticate users and display OAS dashboard on an ADF page, without logging in to OAS.

When we logout from dashboard or have the webpage timeout (< 1 hour), we are able to re-establish SAML SSO and display dashboard again. But if logout/page timeout is after 1 hour, then SAML login is not happening and page is redirected to OAS login page. We can see new SAML request/response in the logs.

It works if we close and open a new browser session.

I have tried increasing timeout in saml2.war without success.

internalSessionTokenExpiryTime is set to 4 hours.

OAS version 2024.

Best Answer

  • Mostafa Morsy-Oracle
    Mostafa Morsy-Oracle Rank 6 - Analytics Lead
    Answer ✓

    @Rav Singh

    most probably your IDP Or ADF set session timeout to 1 hour that is why it fail after 1 hour so I will suggest to increase the session timeout in ADF and Identity Provider more than 1 hour

    Also confirm the timeout in instanceconfig.xml file if set there by default it is more than 1 hour

    OR

    users can login anonymously Per https://blogs.oracle.com/analytics/post/oas-anonlogin

    I will request the .har file after successful login and again a new .har file when issue reproduces but first check the above 2 points

Answers

  • Mallikarjuna Kuppauru-Oracle
    Mallikarjuna Kuppauru-Oracle Rank 8 - Analytics Strategist

    Hi @Rav Singh

    This is an OAS Question but posted on OAC.

    Are you using analytics reports or dv ?

    In General SSO environment the timeout is handled by SSO. You can set WLS session timeout for DV.

     Weblogic Console > Home >Summary of Deployments >bitech-analysis-application >Configuration - Session Timeout (default 600 seconds)

     But the application once configured with SSO, the timeout is handled by SSO.

    Regards,

    Arjun

  • Rav Singh
    Rav Singh Rank 4 - Community Specialist

    We are using analytics reports.

  • Ashish-Oracle
    Ashish-Oracle Rank 7 - Analytics Coach

    @Rav Singh You have posted the query in the right forum ie. Oracle Analytics Cloud and Server

    Coming to your issue, you are requested to raise a SR with the "Oracle Analytics Server" product team and provide the diagnostic dump along with the official document you followed for further review. Based on the review we will be able to suggest you to perform the configuration changes if any are required.

  • Rav Singh
    Rav Singh Rank 4 - Community Specialist

    @Mostafa Morsy-Oracle Thank you, I will check anonymous login.

    We are ok to let session timeout, here issue is that to re-establish the analytics session once timed out.

    If I have ADF timeout < 1 hour, then SAML SSO is able to set OAS session if tried within 1 hour.

    But after 1 hour, it goes to OAS login page. SAML assertion is happening as expected, SSO to /analytics session does not happen after 1 hour in same browser session.

  • Mostafa Morsy-Oracle
    Mostafa Morsy-Oracle Rank 6 - Analytics Lead

    @Rav Singh

    This proves that increasing ADF Session Timeout will fix the issue for the limit of the ADF Session Timeout Minutes.

    Please check the anonymous login and let me get your feedback

  • User_WDA5I
    User_WDA5I Rank 1 - Community Starter

    @Rav Singh

    Was this issue resolved, if yes can you please provide the solution as i was facing same issue