IBM Support

Maximo - Randomly being logged out - LTPA in security domain

Technical Blog Post


Abstract

Maximo - Randomly being logged out - LTPA in security domain

Body

Maximo Support - Saw this and thought of you

 

I came across an unusual issue today so thought I would share....... 

 

A client reported users randomly being logged out of Maximo

Looking in the SystemOut.log , messages similar to below were seen (some client specific details changed)

 

 LTPAServerObj W   SECJ0371W:      
Validation of the LTPA token failed because the token expired with the  
following info: Token expiration Date: <date and time here>  
current Date: <date and time here>                              
xx Token attributes:  port=8880, username=user:ISMRealm/CN=maxadmin,OU=S
upport,dc=test,dc=local,               
hostname=<hostname here>

 

OK, so far not so unusual. 

This is often caused by the setting of LTPA token timeout being set too low in WebSphere - so the token expires while the user is still trying to use Maximo. 

 

Here is the unusual part.  Changing the global setting for the LTPA timeout in the WAS admin console to a higher value made no difference. 

Further investigation found that the client has a security domain configured:

 

Security domains have their own configuration so the LTPA timeout had to be set higher within the security domain.

i.e. In the WAS Admin console, go to Security > Security Domains > <securitydomainname> set the LTPA timeout to a higher value and then restart
the application sever.

 

 

 

 

 

[{"Business Unit":{"code":"BU005","label":"IoT"}, "Product":{"code":"SSLKT6","label":"Maximo Asset Management"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":""}]

UID

ibm11129551