LastLogin

Document ID : KB000121558
Last Modified Date : 27/11/2018
Show Technical Document Details
Issue:
We're running a Policy Server and we'd like to track the user who
haven't logged in for more than x days. We've followed the instruction
given in that community in order to rely on the SM_USERLASTLOGINTIME
to determine if the user hasn't logged in for x days.

But this value reports some data like "1512029788" (11/30/2017 @ 8:16am 
(UTC)) or 0 (we're in 2018), which doesn't make sense. 

How can I fix that ?
Resolution:
To get a consistent value :

 - Set the response attribute to be recalculate every 1 second and not to be 
   cached;

 - To avoid confusion, use another variable name to pass the value;

To illustrate :

  - Configure it as User Attribute for Response : 

    Attribute Setup 

    User Attribute 

    Variable Name : LOGINTIME 
    Attribute Name    : SM_USERPREVIOUSLOGINTIME 

    HTTP Variable Name : HTTP_LOGINTIME 

    LOGINTIME=<%userattr="SM_USERPREVIOUSLOGINTIME"%> 

    and avoid to cache the value. 

    Recalculate value every 
    seconds : 1 

Then in the Policy, attach this response to a "OnAuthAccept" rule.