Whether a user reaches the WebAccess login page directly or via a protected service, the process is the same. When users arrive at the WebAccess Authentication page, they will be presented with up to three log in fields:
Enter your Penn State Access Account user ID (e.g. xyz5000)
Enter your Penn State Access Account password
The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten web browser sessions. If you have not visited any protected service or the WebAccess log in page within the last 6 hours, an idle timer will end your session thus requiring you to re-authenticate. In addition, the system has a maximum time limit of 15 hours.
In order to protect their respective digital identities, users are highly encouraged to log out from WebAccess when finished using a WebAccess-protected service. Each WebAccess-protected service should provide a log out link, or the WebAccess log out function on the services page may be used. Users also are encouraged, once log out is complete, to exit/quit the web browser completely for added security.
You already authenticated via WebAccess. Since you are logged in, the server presents the list of services rather than the login page. To gain access to the service, click on the link from the list or enter the web address of the service in your browser.
No. You already authenticated via WebAccess and thus are enjoying the benefits of not needing to re-authenticate. Don't forget to log out once you are finished.
The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten browser sessions. If you have not visited any protected services or the WebAccess log in page within 6 hours, your session will end. In addition, the system has a maximum time limit of 15 hours.
The system used by WebAccess is based on session cookies. These session cookies (which are not saved when you exit the web browser) are used to identify you to WebAccess and each protected service. They do not contain any information about you.
The Penn State WebAccess system provides an environment in which users can authenticate/log in one time with their respective Access Account user ID and password to a central server in order to access multiple services protected with WebAccess without needing to re-authenticate. For example, a user can authenticate via Penn State WebAccess and then access services, such as the Penn State Portal, Penn State WebMail, and a variety of other WebAccess-enabled services, without needing to authenticate again to those services.
The Penn State WebAccess service is based on the University of Michigan's Cosign technology. This software, part of the NSF Middleware Initiative, and information is available via University of Michigan's Cosign Web site. Portions of this quick reference document are based on documents provided, with permission, by the University of Michigan's Cosign information.The software is installed and customized for Penn State by Identity and Access Management (IAM), a unit of Office of Information Security (OIS).
Please refer to the Penn State WebAccess website.