Session/login timeout happening for active users after 15 minutes #1100 | Support

kirtik created 3 years ago

ABP Framework version: vX.X.X
UI type: MVC/jquery
DB providerMongoDB
Tiered (MVC) or Identity Server Seperated (Angular): no

We are receving this below error related to login user timeout only from couple of pages. Rest of the pages are working fine . The session timeout is set to 1 year.

Can you please help us here ?

Thanks

11 Answer(s)

0

maliming created 3 years ago
Support Team Fullstack Developer

hi

Can you check and share your application logs when you got this error?
0

kirtik created 3 years ago

Hello @maliming,

I have shared the logs via email with info@abp.io . Can you please check the logs and respond ? I could not accomodate the logs here.

Thanks
0

maliming created 3 years ago
Support Team Fullstack Developer

hi @kirtik

Can you re-send it to liming.ma@volosoft.com?
0

kirtik created 3 years ago

ok
0

kirtik created 3 years ago

I have emailed you the logs. Can you please look into it urgently ? Its been an escalated issue with our client for long now.

Thanks

maliming created 3 years ago

Support Team Fullstack Developer

hi kirtik

2021-03-26 18:01:49.851 +05:30 [DBG] Security stamp validation failed, rejecting cookie.
2021-03-26 18:01:49.851 +05:30 [INF] AuthenticationScheme: Identity.Application signed out.
2021-03-26 18:01:49.852 +05:30 [INF] AuthenticationScheme: Identity.External signed out.
2021-03-26 18:01:49.852 +05:30 [INF] AuthenticationScheme: Identity.TwoFactorUserId signed out.
2021-03-26 18:01:49.853 +05:30 [INF] Identity.Application was not authenticated. Failure message: No principal.
2021-03-26 18:01:51.758 +05:30 [INF] Identity.Application was not authenticated. Failure message: No principal.
2021-03-26 18:01:51.758 +05:30 [INF] Identity.Application was not authenticated. Failure message: No principal.

Security stamp validation failed

This is like you have changed the important info of the user, such as: username, password, email, etc.

Can you confirm it?

0

kirtik created 3 years ago

No we have not changed any username password or any other code.
0

maliming created 3 years ago
Support Team Fullstack Developer

hi kirtik

Can you reproduce the problem 100%? Please share the steps if you can.Thanks
0

kirtik created 3 years ago

hello @maliming,

We can share the screen via a zoom meeting , and we can show you how the user gets loggedout after a particular time. Is that possible? we can do it tomorrow at your convinient time , since this is an urgent and burning issue. Please let me know.

Thanks
0

maliming created 3 years ago
Support Team Fullstack Developer

hi kirtik

ok, I can check it remotely. liming.ma@volosoft.com
0

kirtik created 3 years ago

Hello @maliming,

Finally ! We got it working by setting the security stamp validation . Referred following link and your mention of securitystampvalidator class.

[https://stackoverflow.com/questions/49702256/why-does-my-identityserver4-based-server-timeout-in-30-minutes-and-only-support]

services.Configure<SecurityStampValidatorOptions>(options => options.ValidationInterval = TimeSpan.FromHours(24));

Testing it now, but am sure it will work and prevent logout.

Thanks

Have an answer to this question? Log in and write your answer.