Categories
Configuring Time Out Behavior when using DV in OAS 2025
Hello,
I've noticed with our recent upgrade that OAS is returning to the Oracle Login Screen (Non-SSO) after experiencing a timeout. This does not happen when using OBIEE classic, as it it configured to use specific SSO URL for sign out. I don't recall if the previous version did this or not, but I don't ever remember seeing it. I think we're used to just seeing a pop up screen with a message saying a refresh is required. Is there a way to control this behavior within the Oracle application when the DV side times out?
This is what we see in OAS 2022/6.4. Is there any way to configure OAS 2025 to use the same behavior.
Answers
-
Hi Chad,
If you have SSO configured, then you want to configure SSO logout to your SSO provider logout URL.
You can do this via FMW Control Enterprise Manager > left side target navigation menu > business intelligence > biinstance > security sub-tab.
For example, if using SAML SSO (/logout.html)
This should update the file [DOMAIN_HOME]/config/fmwconfig/bienv/core/bi-environment.xml0 -
Yea, I have that configured already. It works correctly when you explicitly log out. However, on a TIME OUT, the behavior is not the same as it was in our previous version of OAS (6.4)
I'll take a look at that xml file, but I kind of feel like we uncovered another bug.
Regards,
Chad
0 -
Confirmed bi-environment.xml file is identical between OAS 2022 and OAS2025. Will probably go ahead and submit an SR with Oracle Support. Thanks.
0 -
Thanks for clarifying further, I agree with you timeout should use the same logout URL
What type of SSO/IDp are you using?
If you followed a specific documentation or technical note, can you share it here?0 -
It's a custom SSO proxy, written by one of our engineers. That's as much detail as I know about it. Am currently on vacation, so can seek out more information when I return next week.
0 -
OK, thanks for the follow-up. It may be best to file a service request and provide all the details.
0 -
I filed a service request with support (SR 3-40773138741). They're basically telling me that this is THE behavior now in OAS. Our users are not going to be thrilled with this.
I mean, if anything, I feel like it should use the same logout URL that is used when you click "Logout" from your user profile in the upper right corner. Then it would use our proxy setting. This is just automatically dumping you to the Oracle Login screen. Our users don't know what to do when they get there as that is not compatible with the concept of SSO.
They did direct me to the settings in the console, however. Under security there are new settings there that did not exist in OAS 2022. I was able to set the timeout to 480 minutes. I'm doing more testing as I'm curious to see what happens if I turn on the automatic logout, and if it uses the designated logout or not and leverages our Proxy.
0 -
I logged a SR for this awhile back, for the same issues you mention above.
It sounds like they've now released a one-off patch, please ask your SR owner about:
The force signout you mention is problematic in general with SSO enabled. We found that if you have multiple tabs open to /dv it will warn you on the first tab, and if you dont extend it there it will automatically logout all the other tabs and send you to the non-sso login page.
I've not yet tested the patch, but if you beat me to it please reply here to let us know if it fixes things.
Thanks,
Brandon1 -
@BrandonH Is this for OAS 2025?
0 -
No, 7.6.0.0.241220. I was told it will be included in the July SBP, but confirm that with your support analyst.
2
