0 Replies Latest reply on Jan 24, 2007 8:20 AM by Jeroen Koek

    Portal security and tomcat security are not inline

    Jeroen Koek Newbie

      I'm using portal v2.4.

      The portal is configured to use security.
      The user has to logon to the portal when accessing a pate.

      I have a portlet that start's up a new window using javascript.
      Within this window I'm communicating directly with a servlet/jsp page.

      The timeout of the portal is set to 5 minutes.
      Every 3 minutes the new created window is refreshing the page using the session id of the main portal.

      After 5 minutes the portal is flushing the session because it thinks that it isn't used anymore.

      On the next refresh of the window a http status message 403 - Access to the requested resource has been denied is shown, because of the flush of the session done by the portal.

      How can I make sure that the portal and the webserver are using the same refresh on the session?