000018216 - How to set cookie expiration times

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018216
Applies ToRSA ACE/Agent for Web
RSA ACE/Agent 4.4 for Windows NT (no longer supported as of 3-3-2003)
Netscape Navigator browser does not experience this problem
IssueHow to set cookie expiration times
A SecurID user accesses a protected page and gets challenged. If that user browses to another page and then hits BACK to the protected page, they are not challenged again.
To ensure that cookie timeouts are enforced, you need to enable the option in your browser to always force pages to update. Doing so ensures that the page is refreshed and cookie time validity is checked by our code. If the pages are not  refreshed, the client code will not check the time validity on the cookies. Even if the cookie expiration time is in the past, the user will not be prompted for SecurID authentication.
CauseThis is caused by viewing a cached page which is something our agent does not check
ResolutionTo enable this option for Internet Explorer, do the following:

1. From the top menu, select on Tools --> Internet Options

2. Under the Advanced tab, select "Automatically check for Internet Explorer Updates"
Legacy Article ID6.0.2733619.2863700