Muse Proxy FAQ
Muse Proxy
AUTHENTICATION_TIMEOUT_ALERT_WINDOW_DURATION
field for the Application Web Module from the ${WEB_CONTEXT_HOME}/WEB-INF/web.xml
configuration file. By default, this is set to 60 seconds before the Muse Proxy application session will end.
The Muse Proxy Application interface is on top of other core layers, hence increasing the interface timeout value involves increasing the underlying timeouts to avoid the expiration of system sessions before the interface. The underlying timeout values must be bigger than the interface value, or at most equal.
For example, to increase the application inactivity timeout to 60 minutes, the following must be done:
Increase timeout values at the system level
${MUSE_HOME}/proxy/modules/handlers/RequestHandlerWeb.xml
Edit this file on disk and change the value ofCLIENT_SESSION_TIMEOUT
to3900000
. The default value is:
(35 minutes) The new value:
(65 minutes)3900000 ${MUSE_HOME}/proxy/webcontexts/NavigationManager/profiles/NavigationSession.xml
Edit this file on disk and change the value ofNAVIGATION_SESSION_TIMEOUT
to3600000
. The default value is:
(30 minutes) The new value:1800000
(60 minutes)3600000 ${MUSE_HOME}/proxy/webcontexts/NavigationManager/profiles/filters/MuseProxyAuthenticationToken.xml
Edit this file on disk and change the value ofAUTHENTICATION_TOKEN_TIMEOUT
to7200000
. The default value is:3600000
(120 minutes) The value of7200000 AUTHENTICATION_TOKEN_TIMEOUT
must be significantly higher than theNAVIGATION_SESSION_TIMEOUT
.
Increase the timeout value at the application level
${MUSE_HOME}/proxy/webcontexts/Applications/APPLICATION_ID/WEB-INF/web.xml
This file can be edited in the Muse Proxy Administrator Console, Applications -> Manage Applications
, hover the desire proxy application and click the WEB.xml
button. Locate the AUTHENTICATION_TIMEOUT
field and change its value from the default 1800000
(30 minutes) to 3600000
(60 minutes)
To load the new value immediately, go to the Advanced -> Operations
menu and click the Refresh Applications
button.
The Navigation Sessions are used only by the ‘Navigation Manager’ Web Context (the Muse Navigation Manager component) to store useful data regarding a specific link navigation using a certain target site authentication context (cookies, referrer, next proxy access details, encoding etc.) through Muse Navigation Manager. This type of session is managed using an ID (named MuseSessionID) stored in the path of the Muse Navigation Manager rewritten links. This ID has associated a Navigation Session object at server side that stores the information needed to serve the requests for that Navigation Session (cookies, referrer, authorization, proxy, encoding, etc.).
A Navigation Session is generated by Muse Proxy in the following cases:
– when a user navigates on a ‘Type 1’ rewritten link there is generated automatically a redirect to a ‘Type 2’ rewritten link. The ‘Type 2’ rewritten link generated has associated a new Navigation Session;
– when a user logs into a Muse Proxy application and navigates on a Muse Proxy source link there is generated automatically a redirect to a ‘Type 2’ rewritten link. The ‘Type 2’ rewritten link generated has associated a new Navigation Session.
Many Navigation Sessions can be created for a single client, each corresponding to the authentication context of each rewritten target site. All the Navigation Session objects created for a Muse Proxy client are stored inside the Client Session object associated with that client. There is no limit set for the number of Navigation Sessions associated with each client.
The Client Sessions are used by the Muse Proxy Web Contexts which perform authentication in order to store the client authentication status to that Web Context, as well as other user metadata.
When a request comes to Muse Proxy (as a web server) without a Client Session cookie, a Client Session ID will be generated for it and sent back for storage in the browser in the form of a HTTP cookie. The name of the cookie is ‘MuseClientSessionID’. The Client Session cookie is returned to the Client only for the requests which require an authentication context. If a Client has performed only requests for free or public resources (e.g. static files: *.css, *.js, images etc), no Client Session cookie will be returned in the response.