PROMPT (for auto logout)

The PROMPT element provides a feature that allows a user to resume an application after an auto logout event.

Note: The re-login prompt feature is supported on the GBC (starting from version GBC 1.00.38). It is not supported on Genero Mobile front-ends (GMA, GMI), and the Genero Desktop Client (GDC). If used, an HTTP 410 error page is displayed.

Syntax

<PROMPT Timeout=seconds Type={"URL"|"DELEGATE"}>url</PROMPT>
  1. seconds is the number of seconds as the allowed time for a user to re-log in.
  2. The Type attribute has a value of either URL or DELEGATE. This attribute is mandatory. See Security considerations.
  3. url is either the application URL or the delegation service URL, depending on the value set by Type.

Usage

You use this element to configure a re-log-in prompt, which allows a user to resume activity after an auto logout event is detected. A message is displayed for a set period of time notifying the user that a re-log in is needed to continue. If the user resumes the application during the prompt's timeout period, the application resumes, otherwise the application stops.

Usage example: Type URL

In this example a timeout duration is set to 200 seconds, which means that a page is displayed for that period of time notifying the user that a re-log in is needed to continue. If the user clicks on the re log button, the user agent is redirected to the specified URL.
 <AUTO_LOGOUT_COMPONENT Id="cpn.wa.autologout">
      <TIMEOUT>0</TIMEOUT>
      <PROMPT Timeout="200" Type="URL">http://localhost:6394/prompt.html</PROMPT>
 </AUTO_LOGOUT_COMPONENT>

Usage example: Type Delegate

In this example, the user agent is redirected to the specified delegation service.
 <AUTO_LOGOUT_COMPONENT Id="cpn.wa.autologout">
      <TIMEOUT>0</TIMEOUT>
      <PROMPT Timeout="200" Type="DELEGATE">services/OpenIDConnectServiceProvider</PROMPT>
 </AUTO_LOGOUT_COMPONENT>

Security considerations

When using PROMPT of Type URL, no security check is done to ensure that the request to resume the application comes from a valid user. Therefore you must use prompt of type URL only for prototyping purposes.

We recommend you use the DELEGATE mechanism for security reasons, because when the /ua/resume request is forwarded to the delegate service, you can check additional tokens to ensure the user has been properly identified before resuming the application.

Parent elements

This element is a child of the following elements: