We've been dealing with a few different issues recently in the realm of users getting signed out of applications. While looking into it, it gets confusing depending on how the environment is setup. I found several places where timeouts take place within the LF applications: Mobile, Forms, Repository, and STS. If all of the products (including STS) has timeouts configured, how do those affect each other? The two recent issues we have come across are with Mobile.
So Many Timeouts, What is the Order of Precedence?
Hi Blake - please allow me to comment on the Mobile App since that were your two recent cases. Mobile app timeout is determined by the timeout parameter configured on the Mobile Service Configuration page, measuring the length of inactivity that happens on the end-user side. Even if the system, e.g. Repository etc., issues a timeout, the mobile app has the mechanism to reconnect at the backend as long as mobile timeout is yet to hit. If this is not what you are observing and able to produce a different behavior consistently, please open a support case so that we can investigate further. Thank you!
Seeing if someone from Laserfiche could chime in on this one?
Can we also get information about the behavior of the other Laserfiche applications and how they work with regards to using and not using an STS and timeouts?
Your STS timeout doesn't really affect web client at all. You need to have an active LFDS session when you authenticate via SSO, and that's it. It doesn't matter if your STS token expires while you are using web client, it was just used to authenticate you at the beginning.