cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
27625
Views
20
Helpful
19
Replies

Cisco Jabber SSO Timeout

reindl_mc
Level 1
Level 1
Hi Babu
Jabber with SAML SSO -- when you let the PC run over nights and days without shutdown
then you get some day a message that the session has timed out.

You have to shutdown and start again jabber for successful Login.
How can this issue be adressed ?
Kind regards
1 Accepted Solution

Accepted Solutions

A.M.Mahesh Babu
Cisco Employee
Cisco Employee

You should be getting a message saying the session is expired and do you wish to renew .Aren't you getting this ?

View solution in original post

19 Replies 19

A.M.Mahesh Babu
Cisco Employee
Cisco Employee

You should be getting a message saying the session is expired and do you wish to renew .Aren't you getting this ?

I only get message that session is expired - Jabber is still connected, it seems but is not registered anymore. You have to shutdown and start jabber again.

When does this timeout occur ? is there a time to check Setting ? We have SSO - when a session is timeing out - customer assumes that it should reconnect automatically.

any idea ?

Kind regards

Is there any known solution for this sso Problem ?

I have the same issue...I am hoping there is. I just opened a ticket with Cisco asking about the "Token Session Timeout". I found that you can change this in the documentation but they do not mention where to do so. I will keep you posted once I hear back.

Hi!

 

I hope you are doing well.

 

Have you found a solution for this issue ?

There are 4 timers to be considered 1. Idp Idle timeout (A timeout after which terminate a session after a certain amount of inactivity) Where to set : Idp Recommended Value - 8 Hours 2. Absolute Timeout (A timeout after which a session is closed no matter there is user activity or not.) Where to set : Idp Recommended Value - 48 Hours 3. Application session timeout Where to set : CUCM Recommended Value - 30 Minutes ( default) from CLI set webapp session timeout 30 4. OAuth Token Where to set : CUCM Recommended Value - 60 Minutes (default) OAUTH Token Expiry Timer Required Field under Enterprise parameters-->SSO configuration

Hi

I couldn't find  number 3. Application session timeout Where to set : CUCM Recommended Value - 30 Minutes ( default) from CLI set webapp session timeout 30.

 

Please ket me know where is it in CUCM 11.5.

 

Thanks!

 

Shachar

Hi,

 

the range is from 5 - 99999 minutes. So, u won't be  able to enter value 4.

set webapp session timeout minutes

Syntax Description

Parameters Description
minutes
Specifies the time, in minutes, that can elapse before a web application times out and logs off the user.
  • Value range: 5-99999 minutes

     

  • Default value: 30 minutes

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/cli_ref/11_5_1/cucm_b_cli-reference-guide-release-1151su3/cucm_b_cli-reference-guide-release-1151su3_chapter_0110.html

 

regds,

aman

Hi Aman!

Thanks for the quick answer.

Does it affect Cisco Jabber ?
What is the difference between "webapp session timeout" and OAuth Token

Regards,
Shachar

Hi,

 

Jabber login has nothing to do with this command.

 

what do u mean by OAuth Token?

 

regds,

aman

Hi Aman,

 

This discussion is regarding Jabber in SSO deployment and we have the same problem as reindl_mc had.

 

We have deployed Jabber with SSO at one of our customers (CUCM 10.5 / ADFS).

After approximately 6 days from each login that a user is made the Jabber or the ADFS ends the session.

In the Jabber's Error Notifications we can see the "session has timed out"error.

 

Image result for CJ:1000:606

 

A.M.Mahesh Babu mention couple of things that can be relevant: 

 

 We should be getting a message saying the session is expired and do you wish to renew - We don't get that message 

 

He also mention the 4 timers that can be relevant:

 

ADFS

- IDP Idle Timeout

- IDP Absolute Timeout

 

CUCM

- OAuth Token

Application session timeout 

 

Regarding the ADFS - I found the IDP Idle Timeout that was configured to 8 Hours

But not the IDP Absolute Timeout (Which could defanatliy could be the reason for this problem)

 

regarding the CUCM i couldn't understand how is the Application session timeout configuration is related to the SSO at the Jabber

 

Best regards,

 

Shachar

 

Hi ,

 

I won't be able to help u on the same.

 

I suppose u are already in touch with Cisco TAC Engr. So, u can take assistance from him.

 

regds,

aman

Did you find the answer to this? I keep getting error CJ:1000:606 Session Timeout as well. I need to manually reextend my session every 60 minutes, which I figure should be done automatically in the background.

Hi, we are getting same error code CJ:1000:606 and CJ:2100:2. In our Environment, we have the Jabber 12.9 and 14.2 versions. The error report is emananting from Clients with Version 14.2.0.58008. Please, let me know how you were able resolved the issue