Issue:
We're running a Policy Server and we'd like to track the user who
haven't logged in for more than x days. We've followed the instruction
given in that community in order to rely on the SM_USERLASTLOGINTIME
to determine if the user hasn't logged in for x days.
But this value reports some data like "1512029788" (11/30/2017 @ 8:16am
(UTC)) or 0 (we're in 2018), which doesn't make sense.
How can I fix that ?
Resolution:
To get a consistent value :
- Set the response attribute to be recalculate every 1 second and not to be
cached;
- To avoid confusion, use another variable name to pass the value;
To illustrate :
- Configure it as User Attribute for Response :
Attribute Setup
User Attribute
Variable Name : LOGINTIME
Attribute Name : SM_USERPREVIOUSLOGINTIME
HTTP Variable Name : HTTP_LOGINTIME
LOGINTIME=<%userattr="SM_USERPREVIOUSLOGINTIME"%>
and avoid to cache the value.
Recalculate value every
seconds : 1
Then in the Policy, attach this response to a "OnAuthAccept" rule.
KB : KB000121558