000031042 - TIme To Live (TTL) time outs now configurable in RSA Adaptive Authentication (OnPrem) Back Office Application

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031042
Applies ToRSA Product Set:  Adaptive Authentication (OnPrem)
RSA Product/Service Type:  Adaptive Authentication (OnPrem)
RSA Version/Condition:  7.1
Issue

In Adaptive Authentication On-Premise (AAoP) version 6.x, transaction Time To Live (TTL) was configurable by modifying the d-applicationContext.xml. In AAoP 7.1 this variable has been discontinued.  Various timeouts can be configured in the Back Office application through the Administration console.  One TIme Password (OTP) and Multi-Credential Framework (MCF) plugins such as TeleSign SMS, can be configured similarly through their XML configuration files.
 

Resolution

In Adaptive Authentication On-Premise (AAoP) version 6.x transaction Time To Live was configurable by modifying the d-applicationContext.xml.  In AAoP 7.1 this variable has been discontinued.  Various timeouts can be configured in the Back Office application through the Administration console  (Back Office > Administration > Authentication Methods).



Please Note: OOB Challenge Live Time (seconds)  is actually in minutes. The Back Office user interface is being modified in AAoP version 7.2 to reflect the proper units.



There are a  couple of exceptions for One Time Password (OTP) timeouts.  These are configured in the
/<Install-Directory>/configs/c-config-acsp_otp.xml.
The OTP token length can also be changed. The token is generated as random numeric digits only.


Change the OTP Session Time Out (seconds)


To make the change to the OTP session time out, make the edit in bold below:


<property name="sessionTimeOut">
        <value>600</value>
</property>


Change the OTP Token Time Out (seconds)


To make the change to the OTP token time out, make the edit in bold below:


<bean class="com.passmarksecurity.config.bean.ClassFreeBean" id="otpConfiguration">
     <property name="parameters">
           <map>
                <entry key="otpKey">
                    <value>otp</value>
                </entry>
                <entry key="NotificationTimeout">
                    <value>88200</value>
                </entry>

                <entry key="otpKeyLength">
                     <value>5</value>
                </entry>
           </map>
     </property>
</bean>

Attachments

    Outcomes