Notification

WebAccess is Now Legacy Authentication

This application is using an outdated sign-in process that is no longer maintained.

READ MORE
Notification

WebAccess is Now Legacy Authentication

This application is using an outdated sign-in process that is no longer maintained.

READ MORE

WebAccess is Now Legacy Authentication

This application is using an outdated sign-in process that is no longer maintained.

READ MORE

Help

Log in Information

Whether a user reaches the WebAccess login page directly or via a protected service, the process is the same. When users arrive at the WebAccess Authentication page, they will be presented with up to three log in fields:

User ID

Enter your Penn State Account user ID (e.g. xyz5000)

Password

Enter your Penn State Account password

Session Time Limit

The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten web browser sessions. If you have not visited any protected service or the WebAccess log in page within the last 6 hours, an idle timer will end your session thus requiring you to re-authenticate. In addition, the system has a maximum time limit of 15 hours.

Log out Information

In order to protect their respective digital identities, users are highly encouraged to log out from WebAccess when finished using a WebAccess-protected service. Each WebAccess-protected service should provide a log out link, or the WebAccess log out function on the services page may be used. Users also are encouraged, once log out is complete, to exit/quit the web browser completely for added security.

Frequently Asked Questions

I tried to log in, but I see the services page. Why?

You already authenticated via WebAccess. Since you are logged in, the server presents the list of services rather than the login page. To gain access to the service, click on the link from the list or enter the web address of the service in your browser.

I went to a WebAccess-protected page and I wasn't required to log in. Is there a security problem?

No. You already authenticated via WebAccess and thus are enjoying the benefits of not needing to re-authenticate. Don't forget to log out once you are finished.

I authenticated via WebAccess earlier, but the log in page appeared again. Why?

The system provides pre-set timeouts, which aid in minimizing the exposure of forgotten browser sessions. If you have not visited any protected services or the WebAccess log in page within 6 hours, your session will end. In addition, the system has a maximum time limit of 15 hours.

WebAccess and protected services keeps trying to set cookies. Why?

The system used by WebAccess is based on session cookies. These session cookies (which are not saved when you exit the web browser) are used to identify you to WebAccess and each protected service. They do not contain any information about you.

Who can I contact for assistance?

If you're a user and experiencing problems with authentication, then please contact the ITS Service Desk staff at helpdesk@psu.edu. In the body of your e-mail message, include the following:

  • Penn State Account user ID (for example, xyz5000)
  • Time the error occurred
  • Error message(s) received, if any
  • Web browser used and version (for example, Mozilla Firefox 34 or Internet Explorer 11)
  • Platform and operating system (for example, Macintosh OS 10.6 or Windows 7)

What is WebAccess?

The Penn State WebAccess system provides an environment in which users can authenticate/log in one time with their respective Penn State Account user ID and password to a central server in order to access multiple services protected with WebAccess without needing to re-authenticate. For example, a user can authenticate via Penn State WebAccess and then access services, such as the Penn State Portal, Office 365, and a variety of other WebAccess-enabled services, without needing to authenticate again to those services.

Who wrote Penn State WebAccess?

The Penn State WebAccess service is based on the University of Michigan's Cosign technology. This software, part of the NSF Middleware Initiative, and information is available via University of Michigan's Cosign Web site. Portions of this quick reference document are based on documents provided, with permission, by the University of Michigan's Cosign information.The software is installed and customized for Penn State by Identity and Access Management (IAM), a unit of Office of Information Security (OIS).

I would like to incorporate WebAccess into my Web site. Where can I find more information?

Please refer to the Penn State WebAccess website.

WebAccess

Log in to your Penn State Account

Create a Penn State AccountChange my Penn State Account password