Log in Information
Whether a user reaches the WebAccess login page directly or via a protected service, the process is the same. When users arrive at the WebAccess Authentication page, they will be presented with up to 3 log in fields:
- User ID
- Enter in your Penn State Access Account (or Friends of Penn State) user ID (e.g. xyz5000)
- Enter your Penn State Access Account (or Friends of Penn State) password
- Token (optional)
- If you see this field (and it is likely that you may not see this field), then the site you are trying to view requires a special security token. For more information about tokens, please click here.
Session Time Limit
The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten Web browser sessions. If you have not visited any protected service or the WebAccess log in page within the last 6 hours, an idle timer will end your session thus requiring you to re-authenticate. In addition, the system has a maximum time limit of 15 hours.
Log out Information
In order to protect their respective digital identity, users are highly encouraged to log out from WebAccess when finished using a WebAccess protected service. Each WebAccess protected service should provide a log out link, or the WebAccess log out function on the services page may be used. Users also are encouraged, once log out is complete, to exit/quit the Web browser completely for added security.
Frequently Asked Questions (FAQ)
- I tried to log in, but I see the services page. Why?
- You already authenticated via WebAccess. Since you are logged in, the server presents the list of services rather than the login page.
- I went to a WebAccess protected page and I wasn't required to log in. Is there a security problem?
- No. You already authenticated via WebAccess and thus enjoying the benefits of not needing to re-authenticate. Don't forget to log out once you are finished.
- I authenticated via WebAccess earlier but the log in page appeared again. Why?
- The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten Web browser sessions. If you have not visited any protected services or the WebAccess log in page within 6 hours, your session will end. In addition, the system has a maximum time limit of 15 hours.
- WebAccess and protected services keeps trying to set cookies. Why?
- The system used by WebAccess is based on session cookies. These session cookies (which are not saved when you exit the Web browser) are used to identify you to WebAccess and each protected service. They do not contain any information about you.
- While logging in, I noticed 4 error screens about "Your browser has been redirected..." Is something broken?
- It is likely that you are using Netscape version 4.x. In this case, the redirects are perfectly normal (in fact, they are necessary for WebAccess to function properly); however, the older version of Netscape does not handle them properly. You may safely ignore these error screens (there is no way to disable them). It is recommended that you upgrade to a current, standards-compliant Web browser. Up-to-date Web browsers are available via the downloads.its.psu.edu Web site Please note that downloads.its.psu.edu requires users to authenticate with a Penn State Access Account user ID and password, and uses Penn State WebAccess to do so.
- Who can I contact for assistance?
If you're a user and experiencing problems with authentication, then please contact the
ITS Service Desk staff at
firstname.lastname@example.org. In the body of your e-mail message,
include the following:
- Penn State Access Account user ID (for example, xyz5000);
- Time the error occurred;
- Error message(s) received, if any;
- Web browser used and version (for example, Mozilla 7.1 or Internet Explorer 6); and,
- Platform and operating system (for example, Macintosh OS 10.6 or Windows 7).
- What is WebAccess?
- The Penn State WebAccess system provides an environment in which users can authenticate/log in one time with their respective Access Account user ID and password to a central server in order to access multiple services protected with WebAccess without needing to re-authenticate. For example, a user can authenticate via Penn State WebAccess and then access services such as the Penn State Portal, Penn State WebMail, and a variety of other WebAccess-enabled, without needing to authenticate again to those services.
- Who wrote Penn State WebAccess?
The Penn State WebAccess service is based on the University of Michigan's Cosign technology. This
software, part of the NSF Middleware Initiative, and
information is available via University of
Michigan's Cosign Web site. Portions of this quick reference document are based on documents
provided, with permission, by the University of Michigan's Cosign information.
The software is installed and customized for Penn State by Applied Information Technologies (AIT) in Administrative Information Services (AIS), a unit of Information Technology Services (ITS).
- I would like to incorprate WebAccess into my Web site. Where can I find more information?
- Please refer to the Penn State WebAccess: Documentation for Web Developers Web site.