Log in to AnswerLog in to Follow
2022-04-29 11-28-26
Nitesh Ahirwar
114Views
12Comments
Getting random logout issues and role required issues on reactive application.
Question
Roles
Reactive
Authentication
Application Type
Reactive
Service Studio Version
11.10.12 (Build 39237)
Platform Version
11.8.4 (Build 29614)

Hello Everyone,

We are working on a reactive application DataLocker, where users are randomly getting logged out from application and redirected to custom logout page, while navigating to pages or clicking buttons like save or submit and multiple error are logged in the the  error log like "DataLockerUser role required" or "Registered role required" when an Security Exception occurs.

Since we have created an role "DataLockerUser" for this application and we are granting this role if not already assigned when a user login but after successful login and entering into  "Datalocker" application user sometimes automatically gets redirected to logout screen and doesn't have values in its Client.username and GetuserId() function even after 5-10 min of activity.


User gets logged out while saving or when server/service api action is called and above error are logged in service center.

Do we need to check roles before calling server/service api action since getting error role required when services are called within server action.


Regards,

Nitesh Ahirwar

0
0
21 Jun 2021
2021-05-18 02-27-17
Manish Gupta
Champion

Hello Nitesh

Can you please ensure that you have not used any other customer check on Actions / Expressions to check the UserRole and missed to include both Roles? Here are examples where you may have added them - https://success.outsystems.com/Documentation/11/Developing_an_Application/Secure_the_Application/User_Roles/Validate_End_User_Permissions_in_the_Application 

0
0
21 Jun 2021

Hello Manish,

thanks for ur reply, no i have not used any checks, just checking 2 roles on page level as i mentioned.

Still getting random logout issues.

0
0
21 Jun 2021
2021-05-18 02-27-17
Manish Gupta
Champion

Thanks for confirmation, then it could be the issue of Session Timeout. On Session timeout the User Id, Role and Client Variables get reset to their default value and redirect the user to the login screen. 

Can you check the session timeout setting in configuration? 

0
0
21 Jun 2021

Thats what i have mentioned manish, i know session is getting cleared randomly after login in in 5 10 min.. session time out is 3 hr as of now.

0
0
21 Jun 2021
2021-05-18 02-27-17
Manish Gupta
Champion

I have found this article if could help you. Though it is not solved but you can check session timeout in configuration tool - https://www.outsystems.com/forums/discussion/67714/reactive-error-users-encounter-auto-logout/ 


This too for session - https://www.outsystems.com/forums/discussion/34538/change-login-session-timeout/

0
0
21 Jun 2021

Hey Manish, 

Really appreciated your effort to give a solution, i have already checked those threads , but my real issue is not session timeout. 

If you can go through my post again, I have mentioned "after successful login and entering into  "Datalocker" application user sometimes automatically gets redirected to logout screen and doesn't have values in its Client.username and GetuserId() function even after 5-10 min of activity. 

So the issue is random/abrupt logging out of the application even after 5-10 min of successful login.

Hope you are getting it. 

Here is my current error log screen looking like when working on application .

0
0
21 Jun 2021

Hi Nitesh,

you say you are granting the role to a user as they login if they don't have it yet.  Are you sure this happens correctly. 

If you look at user afterwards in Users application, do they indeed have that role assigned to them ?

What if you grant a role to a test user with the Users application, does such a user also encounter the same security problems ?


Dorine

0
0
21 Jun 2021

Hi Dorine,

Yes I am granting Datalocker role if user doesn't already have it on login and I have also checked for user details in user module whether they are correctly granted role or not after successful login. 

We are using users which have this role and still we get random logout issues and error messages in service center.

0
0
22 Jun 2021

Hello @Nitesh Ahirwar,

What is the 'Max Idle Time' for the session login currently set to? I was curious to see if maybe this was a much lower value in your case, than the default 30 minutes.

The setting can be found in ServiceCenter -> Security -> Applications Authentication

Regards,

AJ

0
0
21 Jun 2021

Hi AJ,

Here is my Max idle time. I have already done these settings.

0
0
22 Jun 2021

hey @Nitesh Ahirwar, did you figure out how to solve this issue? I'm getting the same problem here but while navigating from a Traditional Web App to a React one.

0
0
21 Apr

Hello Leandro,

Still i haven't got the solution , still error log is logged with "specific role required" ...i think its an environment or platform bug which when u upgrade might get solved. 

0
0
22 Apr
Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.