KB43888 - HTML5 Citrix session is getting closed when the session reaches the idle timeout value on the role even though the user is active

This article describes an issue where Citrix sessions configured with a custom or Storefront template in the PCS Resource Profile are being timed out when the session reaches the idle timeout value configured on the role, even though the user is actively sending data in the Citrix session.

Citrix sessions are being timed out according to the Idle session timer on the role, even though the user is actively sending data at the time, with the following message displayed in the user access log:

2018-03-07 12:37:42 - ive - [14.0.0.0] test_user(Security Device)[HTML5] - Session timed out for test_user/Security Device (session:8aa12558) 
due to inactivity (last access at 12:32:23 2018/03/07). Idle session identified after user request.
2018-03-07 12:37:42 - ive - [14.0.0.0] test_user(Security Device)[HTML5] - WebSocket connection complete, GET to http://160.0.0.0:8008// from 
160.1.1.1 reason=1 sent=190827 received=28484938 in 2765 seconds

As per the above example, the session timed out after 5 minutes.  The idle session timer configured on the "Security Device" role is also set to 5 minutes. 

This issue occurs due to a software bug where the system fails to update the lastAccess time in the session cache in some cases, at which point the idle timeout is triggered and the user is disconnected.

This issue impacts the following releases:

• Pulse Connect Secure 8.3R1 to 8.3R5
• Pulse Connect Secure 9.0R1

To resolve this problem, please upgrade to the following releases:

• Pulse Connect Secure 8.3R6 and above
• Pulse Connect Secure 9.0R2 and above