nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Oracle Communities

Oracle Analytics and AI

Child Item

OAS SAML SSO re-establish session

Rav Singh

We have SAML SSO solution to authenticate users and display OAS dashboard on an ADF page, without logging in to OAS.

When we logout from dashboard or have the webpage timeout (< 1 hour), we are able to re-establish SAML SSO and display dashboard again. But if logout/page timeout is after 1 hour, then SAML login is not happening and page is redirected to OAS login page. We can see new SAML request/response in the logs.

It works if we close and open a new browser session.

I have tried increasing timeout in saml2.war without success.

internalSessionTokenExpiryTime is set to 4 hours.

OAS version 2024.

Find more posts tagged with

Accepted answers

Mostafa Morsy-Oracle

@Rav Singh

most probably your IDP Or ADF set session timeout to 1 hour that is why it fail after 1 hour so I will suggest to increase the session timeout in ADF and Identity Provider more than 1 hour

Also confirm the timeout in instanceconfig.xml file if set there by default it is more than 1 hour

users can login anonymously Per https://blogs.oracle.com/analytics/post/oas-anonlogin

I will request the .har file after successful login and again a new .har file when issue reproduces but first check the above 2 points

All comments

Mallikarjuna Kuppauru-Oracle

Hi @Rav Singh

This is an OAS Question but posted on OAC.

Are you using analytics reports or dv ?

In General SSO environment the timeout is handled by SSO. You can set WLS session timeout for DV.

Weblogic Console > Home >Summary of Deployments >bitech-analysis-application >Configuration - Session Timeout (default 600 seconds)

But the application once configured with SSO, the timeout is handled by SSO.

Regards,

Arjun

Rav Singh

We are using analytics reports.

Ashish-Oracle

@Rav Singh You have posted the query in the right forum ie. Oracle Analytics Cloud and Server

Coming to your issue, you are requested to raise a SR with the "Oracle Analytics Server" product team and provide the diagnostic dump along with the official document you followed for further review. Based on the review we will be able to suggest you to perform the configuration changes if any are required.

Mostafa Morsy-Oracle

@Rav Singh

most probably your IDP Or ADF set session timeout to 1 hour that is why it fail after 1 hour so I will suggest to increase the session timeout in ADF and Identity Provider more than 1 hour

Also confirm the timeout in instanceconfig.xml file if set there by default it is more than 1 hour

users can login anonymously Per https://blogs.oracle.com/analytics/post/oas-anonlogin

I will request the .har file after successful login and again a new .har file when issue reproduces but first check the above 2 points

Rav Singh

@Mostafa Morsy-Oracle Thank you, I will check anonymous login.

We are ok to let session timeout, here issue is that to re-establish the analytics session once timed out.

If I have ADF timeout < 1 hour, then SAML SSO is able to set OAS session if tried within 1 hour.

But after 1 hour, it goes to OAS login page. SAML assertion is happening as expected, SSO to /analytics session does not happen after 1 hour in same browser session.

Mostafa Morsy-Oracle

@Rav Singh

This proves that increasing ADF Session Timeout will fix the issue for the limit of the ADF Session Timeout Minutes.

Please check the anonymous login and let me get your feedback

User_WDA5I

@Rav Singh

Was this issue resolved, if yes can you please provide the solution as i was facing same issue

Rav Singh

@User_WDA5I No not resolved. We went ahead with a different SSO solution (Docker).