UX time-out with CAM

Hi all,

We are trying to increase the UX time-out with a client and the typical parameters seemed to have not worked so far. Specifically we modified the parameters below:

  • HTTPSessionTimeoutMinutes in tm1.cfg on Model / ContentStore instances
  • IdleConnectionTimeoutSeconds in tm1.cfg on Model / ContentStore instances
  • in ApliqoServer\conf\web.xml
  • “Inactivity timeout in seconds” from CA Cognos Configuration
  • “Inactivity timeout in seconds” from TM1 Cognos Configuration
  • in Cognos_TM1_install_location\webapps\pmpsvc\WEB-INF\configuration\fpmsvc_config.xml (this probably doesn’t make a difference)

Does anyone have an idea on what we might be missing? The client has UX behind a load balancer but other applications (e.g., PAW) behind this load balancer does not have the short time-out.

Thanks in advance!

Hi @wwang, is IIS web server in play as part of the CAM configurations? You can check by the gateway URI from CA cognos configuration (check environment node under local configuration). If the gateway uri is of the form <http(s)://servername/ibmcognos>, then there is a strong likelihood IIS is in play and that your timeout settings set at IIS may be coming into effect. This may be helpful for your review, if indeed IIS applies here: https://www.ibm.com/support/pages/how-modify-time-out-settings-microsoft-iis-when-required-cognos-products

Note that IIS handles your CAM’s gateway component which in turn comes into play for your TM1 SSO authentication. This gateway URI should match in your model’s tm1s.cfg file for property “ClientCAMURI”.

Hope this helps. Let me know how you go.

Cheers!

@nkaushal, thanks so much for your suggestion! I’ll check this with the client and hopefully this is indeed causing the short time-out. Thanks again!

Hi @wwang, are UX and TM1 on the same machine or separate machines?

We had a similar issue in our client where tm1 web timeout cannot be configured.
The reason was the conflicting web server in 2 machines.
We did a clean installation without web component on tm1 server and it is resolved.
Maybe this helps a bit.

Regards,
Muhammed

@monder, thanks for your suggestion! In my case, Apliqo UX is installed on the same machine as the TM1 server. So you had noticed that TM1Web was impacting the Apliqo UX time-out? Or was it more of a situation where the TM1Web on the TM1 server box was interfering with the timeout on the TM1Web web tier box?

@nkaushal, client also had checked the IIS settings which didn’t seem to make a difference. I noticed that Ian had posted a link in another forum topic on all the various time-out parameters so the client is double checking each of these.

https://www.ibm.com/support/pages/node/559309?myns=swgother&mynp=OCSSCTEW&mync=E&cm_sp=swgother-

@wwang
what’s the version you use for this customer?

I had very similar issue and couldn’t find a solution to increase the UX time-out. I’ve decided to upgrade to UX 2021.02 and the problem was solved.

Thanks for checking that @mmioduski! We are on UX version 2021.02 as well.

We did notice today that their TM1Web timeout was set to blank (which would default to a 20 minute time-out, which is what they are seeing in UX). No websheets are deployed in UX but potentially, there could be some impact as implied by @monder. Just increased it so we’ll see if that makes a difference.

Hi @wwang, Actually we were suffering from tm1 web timeout deployed within UX.
Don’t think so but hope it helps :slight_smile:

I did some more testing (on v2021.02) and it appears that the time-out issue is not specific to CAM authentication. Same issue happens even on the standard Apliqo_Demo webapp with SecurityMode1.

It seems that Apliqo UX time-out is fixed at 30 minutes, regardless of “HTTPSessionTimeoutMinutes”, “IdleConnectionTimeoutSeconds” or the Tomcat parameter in web.xml.

My suspicion is that it is a Tomcat issue and I see this in Developer Tools when I get automatically logged out. Interestingly, even if I reduce the timeout to “1 min”, the actual timeout is still fixed at 30 minutes.

image

Based on some googling, someone on stackoverflow (from 2 months ago) mentioned the latest Spring Boot release broke the Tomcat “session-timeout” parameter. Not sure if this is related as I don’t know if the UX DEV team uses Spring Boot.

Having a 30 min time-out is not the worst thing for security purposes but wanted to see if everyone else is experiencing something similar?