I need to change the session timeout in a Jahia application. Which property/file should I change to achieve that? Also will that be valid for edit mode also?
Thank you
The default session timeout can be changed in the file jahia_installation/tomcat/webapps/ROOT/WEB-INF/web.xml
The following configuration has to be set:
<session-config>
<session-timeout>30</session-timeout>
</session-config>
For the users in the edit mode, the session timeout can be set in jahia.properties file under jahia_installation/digital-factory-config/jahia/jahia.properties
# This property sets the session lifetime (minutes)
sessionExpiryTime = 60
Related
I am working on classic Asp application. I am trying to set the session timeout as 5 minutes. But it's not working. I tried with following solutions but no luck.
Tried by setting the session.timeout = 5in web.config.
Tried by setting the session.timeout = 5 in global.asa file in both Application and Session event.
Set the session.timeout property of ASP in IIS.
Set the idle timeout of application pool of the web page.
I am using IIS8.5 and server 2012 OS.
Anyone help me to solve this issue?
Have you try to put session.timeout in very top of your pages, before all script tag? Can you show your web.config and global.asa? If success you need to put session.timeout in all pages
I have the following configuration in tomcat configuration files :
<session-config>
<session-timeout>10</session-timeout>
<cookie-config>
<domain>myapp.mycompany.com</domain>
<http-only>true</http-only>
<secure>false</secure>
</cookie-config>
<tracking-mode>COOKIE</tracking-mode>
<Context path=""
docBase="ROOT"
sessionCookieName="mycookiename"
sessionCookieDomain="myapp.mycompany.com"
sessionCookiePath="/"
useHttpOnly="true"
reloadable="false">
<WatchedResource>WEB-INF/web.xml</WatchedResource>
</Context>
As configured above , the cookie is getting set as "session only" in browser ..and on browser quit its getting deleted as expected. But when I am opening the browser again and hitting my application URL again, same JSESSIONID is getting written to the cookie.
Why is it behaving that way ? Isn't it supposed to write a new jsessionid every time ?
It finally appears that the issue was that in Mac i have to actually quit the browser, rather than hitting its close button ...
I have a filter to be called which finds, after every page is requested if the user & session is privileged and valid respectively. But I want to invalidate the session at beginning, just before the login. Because if someone does not log out it is capturing that session if active, while next login. There is an index.jsp which is redirecting to the page after doing this job. but if the login page is hit directly then it captures the previous session.
LoginManagedBean.java
public LoginManagedBean() {
super(FacesContext.getCurrentInstance().getExternalContext());
System.out.println(FacesContext.getCurrentInstance());
System.out.println(FacesContext.getCurrentInstance()
.getExternalContext());
user = new UserBean();
}
Index.jsp
request.getSession(false).invalidate();
String redirectPage = null;
redirectPage = request.getContextPath()+"/xhtml/login/loginHome.xhtml";
Another problem is although I have index.jsp as welcome-file the "loginHome.xhtml" still opens directly from hitting the context root. Thats when the session invalidation is not happening.
web.xml
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
Thanks.. !!
My app is configured to run through IIS. I'm trying to change the session timeout from the default 20 minutes to 1 minute.
I've tried the following, with no success:
Changed the Idle Time-out (minutes) property in the App Pool (figure 1)
Changed the Time-out property in the ASP page of the App configuration in IIS (figure 2)
Added <sessionState mode="InProc" timeout="1"/> under <configuration><system.web>
Any ideas or suggestions would be greatly appreciated.
Thanks.
All,
in my liferay portlet when the session expires, the page gets redirected to login page.
Before redirecting to login page we are showing the message saying Session expired, redirecting to login page. Problem is that the message just flashes before the login page appears. I want to show this message say for some 3 sec before redirecting to login page. Is there any portal-ext property to specify this. My current contents of portal-ext.properties file is
session.timeout.warning=1
session.timeout.auto.extend=false
session.timeout.redirect.on.expire=true
help..
session.timeout.warning indicates the duration of the countdown warning.
For eg., if it is set to 1, it means User will be warned for 1 minute.
Below configuration in web.xml indicates that if User remains idle for 30 minutes without doing any activity, his Session will be destroyed.
<session-config>
<session-timeout>30</session-timeout>
</session-config>
For more details on this behaviour, please read this bug in session warning interpretation post.
As a side note there is a nice Jquery plugin for your requirement.
If you want Session to be destroyed after 30 mins but at 29th minute you want to Warn the User, then your code will look like below,
$j.idleTimeout('#dialog', 'div.ui-dialog-buttonpane button:first', {
idleAfter: 10440, // 29mins
..
..
Now as you know your session will expire after 30 mins. So, after 30th min, your session will expire and return to your configured page.
This is possible and you can take help of following JQuery plugin which provides this feature with customization at different levels. You can configure these customization when the plugin is initialized, like one below.
....
force: 300000,
....
https://www.jqueryscript.net/other/Session-Timeout-Alert-Plugin-With-jQuery-userTimeout.html
Demo: https://www.jqueryscript.net/demo/Session-Timeout-Alert-Plugin-With-jQuery-userTimeout/