Affected Versions: All appliances going from 8.x to 9.x
Description: After upgrading to 9.x from 8.x, users are receiving a 401 error on applications located within a SecurePortal after the page has been idle for too long.
Cause: There is a bug in version 9.x that does not honor FBA cookie. This causes the 401 error because the portal is trying to log into the application, but the session cookie is expired.
Resolution: If you went to version 9.0.2, use this link (https://secureauth.sharefile.com/d-s435c332bb5d42678) to download a new secureauth.aspx.vb file and replace your old secureauth.aspx.vb file in the SecurePortal realm and the realms within the SecurePortal. If you are on a version 9 but not 9.0.2, then a workaround for this would be to make configuration changes on the token settings for the SecurePortal realm.
Make sure to set the Persistent to false and this will now give you the option to log back into the application with your credentials once again instead of displaying the 401 error. The timeout configuration is what causes the expiration of the cookie so adjust your timeout length to what you want desired.