Session and Timeout Issues
Overview
Laser App Anywhere has the following requirements for reliable operation. The items below outline the types of potential problems and the requirements to avoid them.
Enable Secure Session Cookies
Secure session cookies must be enabled for the domains www.laserapp.net (production) and dev.laserapp.net (demo). Under normal circumstances Anywhere will never store persistent or third-party cookies. It will, however, attempt to store theme preferences in a browser’s local storage when possible or allowed by the user. Local storage allows for the login screen to maintain the account “theme” preferences set by the user (non-API accounts only).
If you have a network security appliance or proxy that removes cookies you will need to whitelist the above two domains.
Do Not Use Shared Accounts
For security and compliance purposes never share your password with anyone. Simultaneous user sessions are not supported by the Terms of Use agreement and have no valid use-case in the Anywhere web application. When account credentials are shared it will automatically be logged for compliance, and invalidate all other user’s sessions based on that account. This is the most common cause of the error: “Your previous session has expired or is no longer valid“.
Time Out Due to Inactivity
The client-based timeout period for a browser session is approximately 25 minutes of inactivity in the Anywhere program. After this time you will see a two minute drop-down warning message and then the account will automatically be logged out if no action is taken (this is a different “time-out” than in item 2 above and does not indicate a session problem).
If supported in your browser, you can also enable desktop level notifications in your browser to indicate the timeout is about to occur even if the browser is not the active program. For transactional accounts (no user login) you must let the browser use notification for the domain. For seat-based (user login) accounts you can request to enable this from the Account Settings button in the Dashboard.
Always Log Out
Always log out. If an active browser tab with Anywhere is just closed instead of logging out you will see a message the next time you login that another session was active. CRM integrations which are implemented properly will open a separate browser tab for Anywhere and maintain it between contact data pushes. Only the first contact push requires a login (assuming delegated SSO or SAML based single sign on are used).
Not Do Change UP Addresses Mid-Session
Under most situations and for security purposes Anywhere does not support IP address changes mid-session. This can occur if you login using one Internet connection and then change the connection (e.g., plug in a different WIFI card). Simply logout first before doing this to avoid this type of session disruption.
Log Out and Close Browser after Session
SAML SSO logouts. If your company uses SAML single sign on you don’t need a password, however, you still need to logout after completing work. Due to the nature of SAML authentication, you must completely close your browser to end a previous session. When you logout of Anywhere it will not log you out of other SAML connected software only Anywhere.