Home Service Manager Portal Feature Requests
We appreciate you taking the time to vote and add your suggestions to make our products awesome! Your request will be submitted to the community for review and inclusion into the backlog.

We recommend reviewing what is submitted before posting, in case your idea has already been submitted by another community member. If it has been submitted, vote for that existing feature request (by clicking the up arrow) to increase its opportunity of being added to Cireson solutions.

For more information around feature requests in the Cireson Community click here.

Session Countdown for Forms Based Logins Only

David_AllenDavid_Allen Partner Advanced IT Monkey ✭✭✭
in Service Manager Portal Feature Requests
With v7 a session timer was added, which is extremely useful for people using forms based authentication, however it is proving to be rather irritating for users connected using Windows auth.

Internally, we have a portal web server with Windows auth and we don't really want session messages appearing.  Externally, we have a portal web server where Forms based auth is used, for obvious security reasons, and it would be good for the session timer to appear for these users so they don't have to enter their credentials again.
4
Up Down
6 votes

Submitted · Last Updated

Comments

  • Tom_HendricksTom_Hendricks Customer Super IT Monkey ✭✭✭✭✭
    If considered, this should be configurable.

    If other customers wish to have some of their user activity logged anonymously by changing a setting, I have no issue with this feature as long as I still have the option of doing the opposite.

    The current (7.0) functionality is extremely useful for Windows Auth, because it prevents user actions from being logged with the service account's ID instead of theirs.  That was a deeply concerning flaw that has finally been resolved.  Session timers are fairly common in other ITSM products, also when Windows Auth is used, so the warnings are not particularly irritating for my users.  I can see how this might not be as important for other businesses, however.
  • David_AllenDavid_Allen Partner Advanced IT Monkey ✭✭✭
    Agreed, I was meant to specify that it should be configurable, as every busiensss has different requirements.  The organisation I am with at the moment are all about user experience, and they don't consider the renew session prompt a good user experience when the user hasn't had to login in the first place.

    Obviously this is from a wider business perspective than just IT.
  • Joe_BurrowsJoe_Burrows Cireson Devops Super IT Monkey ✭✭✭✭✭
    edited November 2016
    Hi David & Tom

    The session timer can be disabled as below:

    KB115:

    Disabling the Session Timer
    By default the Session Timer is enabled and is recommended. 
    To disable the Session Timer go to Admin Setting > Settings Items and modify the value of the key "UseSessionTimer" to "false".
    Important Note:   Disabling the Session Timer is not recommended as the session timer resolves a number of issues.  If you choose to disable the session timer you should be aware that the issues described in the section Issue Resolution may occur.

  • David_AllenDavid_Allen Partner Advanced IT Monkey ✭✭✭
    Hi Joe, that turns it off for the portal in its entirety.  What I am asking for is the option to only disable it for windows auth connections.  For forms based auth connections we definitely want it enabled.
  • Joe_BurrowsJoe_Burrows Cireson Devops Super IT Monkey ✭✭✭✭✭
    David_Allen said:
    Hi Joe, that turns it off for the portal in its entirety.  What I am asking for is the option to only disable it for windows auth connections.  For forms based auth connections we definitely want it enabled.
    Ah right gotcha, upvoted :)
  • Tom_HendricksTom_Hendricks Customer Super IT Monkey ✭✭✭✭✭
    @Joe_Burrows, I almost replied the exact same way, at first! :)
Sign In or Register to comment.