Log in Information
Whether a user reaches the WebAccess login page directly or via a protected service, the process is the same. When users arrive at the WebAccess Authentication page, they will be presented with up to three log in fields:
- User ID
- Enter your Penn State Access Account (or Friends of Penn State) user ID (e.g. xyz5000)
- Enter your Penn State Access Account (or Friends of Penn State) password
- Token (optional)
- If you see this field (and it is likely that you will not see this field), then the site you are trying to view requires a special security token. For more information about mainframe tokens, please see the information on mainframe tokens.
Session Time Limit
The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten web browser sessions. If you have not visited any protected service or the WebAccess log in page within the last 6 hours, an idle timer will end your session thus requiring you to re-authenticate. In addition, the system has a maximum time limit of 15 hours.
Log out Information
In order to protect their respective digital identities, users are highly encouraged to log out from WebAccess when finished using a WebAccess-protected service. Each WebAccess-protected service should provide a log out link, or the WebAccess log out function on the services page may be used. Users also are encouraged, once log out is complete, to exit/quit the web browser completely for added security.
Frequently Asked Questions (FAQ)
- I tried to log in, but I see the services page. Why?
- You already authenticated via WebAccess. Since you are logged in, the server presents the list of services rather than the login page. To gain access to the service, click on the link from the list or enter the web address of the service in your browser.
- I went to a WebAccess-protected page and I wasn't required to log in. Is there a security problem?
- No. You already authenticated via WebAccess and thus are enjoying the benefits of not needing to re-authenticate. Don't forget to log out once you are finished.
- I authenticated via WebAccess earlier, but the log in page appeared again. Why?
- The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten browser sessions. If you have not visited any protected services or the WebAccess log in page within 6 hours, your session will end. In addition, the system has a maximum time limit of 15 hours.
- WebAccess and protected services keeps trying to set cookies. Why?
- The system used by WebAccess is based on session cookies. These session cookies (which are not saved when you exit the web browser) are used to identify you to WebAccess and each protected service. They do not contain any information about you.
- Who can I contact for assistance?
If you're a user and experiencing problems with authentication, then please contact the
ITS Service Desk staff at
email@example.com. In the body of your e-mail message,
include the following:
- Penn State Access Account user ID (for example, xyz5000);
- Time the error occurred;
- Error message(s) received, if any;
- Web browser used and version (for example, Mozilla Firefox 34 or Internet Explorer 11); and,
- Platform and operating system (for example, Macintosh OS 10.6 or Windows 7).
- What is WebAccess?
- The Penn State WebAccess system provides an environment in which users can authenticate/log in one time with their respective Access Account user ID and password to a central server in order to access multiple services protected with WebAccess without needing to re-authenticate. For example, a user can authenticate via Penn State WebAccess and then access services, such as the Penn State Portal, Penn State WebMail, and a variety of other WebAccess-enabled services, without needing to authenticate again to those services.
- Who wrote Penn State WebAccess?
- The Penn State WebAccess service is based on the University of Michigan's Cosign technology. This software, part of the NSF Middleware Initiative, and information is available via University of Michigan's Cosign Web site. Portions of this quick reference document are based on documents provided, with permission, by the University of Michigan's Cosign information.The software is installed and customized for Penn State by Identity Services, a unit of Information Technology Services (ITS).
- I would like to incorprate WebAccess into my Web site. Where can I find more information?
- Please refer to the Penn State WebAccess website.