B.2 Setting the session timeout

To prevent the server from becoming overloaded with inactive sessions, the Identity Manager user application times out a user session that remains inactive for an extended period of time. The default timeout interval is 10 minutes. You can change the default by editing the web.xml file in the WEB-INF folder of the user application WAR file.

Editing the session timeout interval The web.xml file in the WAR has an element called <session-timeout> (which can be found under the <session-config> element) that specifies how long a session can be inactive before it times out. To set the session timeout interval, change the value of this element. The value must be specified in minutes.

Controlling the behavior of the alert message By default, the Identity Manager user application displays an alert message whenever a user’s session is about to time out.

Description: Description: Illustration

If the user does not respond to the message by clicking OK, the session times out. The alert message is enabled by default. You can disable it if you like. In addition, you can specify how much time the user is allowed to have to respond to the alert message.

To control the behavior of the alert message, you need to configure the SessionTimeoutWarningPortlet. To do this, you need to edit the portlet preferences on the portlet registration, as shown below:

Description: Description: Illustration

To specify how much time the user is allowed to have to respond to the alert message, edit the Seconds Before Timeout value. To disable the alert message altogether, click False next to Enabled. When you’re done making your changes, click Save Preferences.