Define application advanced settings

The application settings Advanced sub-pane includes additional settings supporting targeting more specific features such as session time out, duration, content re-writing, certificate use and others

During this task you will define session settings, enabled or disable deep linking, enable or disable content rewriting, headers, maximum file upload size and more.

To manage application advanced settings:

  1. Navigate to your Access Gateway instance and sign in.
  2. Select the Applications tab.
  3. Click Edit ().

    Clicking an application label in the Topology pane also opens the application for edit.

  4. Select the Settings tab.
  5. Expand the Advanced sub-pane.
  6. Modify one or more settings and click Done.

The Advanced pane includes:

Field Description Comments
Browser Session Expiration Application session is set to expire with the browser's session. Default: Disabled.
Idle Session Duration Destroys application session if user is idle for this duration. Default: 1h.
Format: #units.
For example 60s, 30m.
Minimum 60s.
Maximum Session Duration Maximum application session duration.
Format number with d, s, m or h.
Default: 8h.
Format: #units.
Default unit is seconds if no unit specified.
Setting Maximum Session Duration equal to 0 (zero) disables maximum session timeout.

Browser Session Expiration, Idle Session Duration, and Maximum Session Duration work together to define when a session expires and the associated behavior. For details of how these three settings work together see Application session timeout interaction.
See No session/session expired in Define application behaviors for more information on defining application behavior in general and session expiration in particular.

Deep Linking Dynamically redirect browser to application URI after sign in. If disabled, only redirect to Post Login URL after sign in. Default: Enabled.
Enforce Deep linking Domain When enabled, Access Gateway only allows deep links that share the public domain name. If the deep link domain doesn't match, Access Gateway only uses the post login URL. Default: Enabled.

Content Rewrite

Access Gateway attempts to rewrite URLs and redirects in an application's HTML content

Default: Enabled.

Host header

Access Gateway sends the Host header to back end application.

Default: Disabled.

Certificate Type

Create a wild card or host-only certificate.

Default: Enabled.
Create host-only certificate.

Debug mode

Puts this app into debug mode.

Useful for initial setup and troubleshooting. Can have significance impact on system performance and should be disabled in production systems.

Default: Enabled.

Maximum File Upload Size

Maximum file upload size.

A value of 0 equals unlimited.

Default: 1MB.

Note: To extend the send timeout associated with a large upload or downloads see Set large file upload/download time out.

Backend Timeout duration

0 is unlimited.

Minimum timeout for reads to back end system.

Default: 1m.

Format: #units.

Known Issues

Browser Session Expiration not respected

Applies only to Access Gateway v2020.12.3 and prior.

User experience: End users are unexpectedly redirected to custom URL/URI configured in Settings > Behaviors : no session/session expired when Idle or Maximum session limits are reached but Browser Session Expiration is enabled and the browser session has not expired.

Issue: Access Gateway is not respecting Browser Session Expiration enabled but rather acting on Idle and Maximum session timeouts while browser is still open.

Workaround: Before enabling Browser Session Expiration, set idle and max session to something larger then expected browser session timeout. Save the changed setting. Reopen the application, and then set Browser Session Expiration enabled, save again.
For example, if an 8 hr browser session expected timeout, set idle >= 9h and Maximum session timeout 0 (doesn't expire). Then enable browser session expiration.