Affected Versions: All appliances going from 8.x to 9.x
Description: After upgrading to 9.x from 8.x, users are receiving a 401 error on applications located within a SecurePortal after the page has been idle for too long.
Cause: There is a bug in version 9.x that does not honor FBA cookie. This causes the 401 error because the portal is trying to log into the application, but the session cookie is expired.
Resolution: If you went to version 9.0.2, use this link (https://secureauth.sharefile.com/d-s435c332bb5d42678) to download a new secureauth.aspx.vb file and replace your old secureauth.aspx.vb file in the SecurePortal realm and the realms within the SecurePortal. If you are on a version 9 but not 9.0.2, then a workaround for this would be to make configuration changes on the token settings for the SecurePortal realm.
Make sure to set the Persistent to false and this will now give you the option to log back into the application with your credentials once again instead of displaying the 401 error. The timeout configuration is what causes the expiration of the cookie so adjust your timeout length to what you want desired.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.