How to solve "SMSESSION cookie has expired and will not be used to authenticate." problem?
This error means the SMSESSION cookie has expired. SMSESSION cookie expired could be:
- User has reaches the maximum idle timeout configured for a protected realm.
You can create a response using 'Web Agent-OnAuthAccept-Session-Idle-Timeout' response attribute to override this.
- User has reaches the maximum realm timeout configured for a protected realm.
You can create a response using 'WebAgent-OnAuthAccept-Session-Max-Timeout' response attribute to override maximum timeout value.
- Webagent and Policy Server not in sync. The webagent and Policy Server need to be in sync.
By default, the Policy Server and Web Agent calculate time relative to Greenwich Mean Time (GMT). Therefore, for each system that has a Policy Server or Web Agent installed, the system clock must be set for the time zone appropriate to that systems geographical location.
- If you flush all cache at the Policy server Admin UI, users who already authenticated may get this error or SMSESSION will be invalidated.