Session timeout skillbuilders question

Similar Messages

• Session Timeout Question in EME

  If I login to eManager Web and instead of logging out I just close the browser will I be logged out? Will the license be released? What is the session timeout for this and is it possible to set this value?

  If you close the browser in e-Manager Enterprise Web instead of logging out there is a TimeOut that will release your license. This can be seen and is reported on in the e-Manager logs. By default the session TimeOut value is 30 minutes. You can find this and/or change this value by opening "<installdir>\Empirix\EmpAppServer\server\default\deploy\jbossweb-tomcat55.sar\conf\web.xml" in a notepad. Once the file is open, go the the ?Default Session Configuration? Section. Here you can change the TimeOut value. You will then need to save the file and restart the Empirix Application Service. The idle sessions are retired after the specified timeout is reached and the licenses are also checked upon this value. I hope this answers your questions.

• General question re session timeouts

  we'd like to increase the session timeout for our portal from the default 20 min to 60 or so.
  recommendations from plumtree and microsoft suggest that increasing the session timeout (on the server - IIS) to beyond 20 minutes will be detrimental to performance and both advise against it.
  another option would be for users to change their page update settings (through my account -> display options) to say 15 minutes to provide a way of keeping the session alive.
  My question is, isn't this just as much as a performance drain as increasing the session timeout on the server?
  thanks
  Simon Dragicevich

  we'd like to increase the session timeout for our portal from the default 20 min to 60 or so.
  recommendations from plumtree and microsoft suggest that increasing the session timeout (on the server - IIS) to beyond 20 minutes will be detrimental to performance and both advise against it.
  another option would be for users to change their page update settings (through my account -> display options) to say 15 minutes to provide a way of keeping the session alive.
  My question is, isn't this just as much as a performance drain as increasing the session timeout on the server?
  thanks
  Simon Dragicevich

• Hi I have two questions. I am using NAS 4.1 and was wondering is it possible to set a different session timeout for different users? How is the session timeout set? Thanks, YS

   

  <i>I am using NAS 4.1 and was wondering is it possible to set a different session timeout for different users?</i>
  Um, there is no such thing as NAS4.1.
  I'm assuming that you mean NAS4.0 (maybe NAS4.0sp1?). If so, then the session timeouts are specified in the session section of the NTV configuration files.
  AFAIK, you can specify session timeouts on a per user basis.

• How to configure a session timeout for DynPro applications?

  Hello,
  1. Where can I configure the session timeout of the DynPro applications?
  2. Can I configure a session timeout per application and how do I do that?

  Hello Heidi,
  I am not familiar with this property:
  1. Where can I configure it?
  2. Does it apply to every application at the portal?
  3. What if I would like to configure just one application?
  By the way, I have noticed that the DynPro application has an expirationTime property. The documentation says this:
  Specifies the lifetime in seconds of a Web application on the server before the Web application is terminated by the server. The value of the DefaultExpirationTime parameter of the system configuration is used as the default value.
  My question is if someone tried to use this property?
  Message was edited by: Roy Cohen

• What is the difference between Session timeout and Short Session timeout Under Excel Service Application -- session management?

  Under Excel Service Application --> session management; what is the difference between Session timeout and Short Session timeout?

  Any call made from the API will automatically be set to the “Session Timeout” period, no matter
  what. Calls made from EWA (Excel Web Access) will get the “Short Session Timeout” period assigned to it initially.
  Short Session Timeout and Session Timeout in Excel Services
  Short Session Timeout and Session Timeout in Excel Services - Part 2
  Sessions and session time-outs in Excel Services
  above links are from old version but still applies to all.
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Session Timeout (secs) WiSM's

  Hi All,
  Probably an easy question here.
  I am just wondering what I should set my Session Timeout (secs) on my SSID's to int the WiSM's? Mine is currently set to 1800secs, but I sort of want to change it to 300 secs so that when people walk out of a particular building, they will need to re-associate and get a new IP address (If that makes Sense!)
  Thanks,

  There is no exact definiton for session timeouts. In your case it could be 900 secs[15 mins] so hat its not too early session timeouts. Normally users need to reauthenticate if they move to different access points.

• Session Timeout and Dynamic Actions

  Did anybody ever use the Session Timeout feature in APEX successfully?
  I have set an idle session timeout and provided an url to redirect to once the session is expired: Home > Application Builder > Application nnn > Shared Components > Edit Security Attributes > Session Timeout
  It works so far during the page rendering and page processing phase. But I have major problems with dynamic actions and custom ajax requests.
  Dynamic actions will just hang and simply don't return. Even worse, when I execute the dynamic action once the session is expired, the session seems to be physically deleted and thus the next click on a tab will not redirect to the expiration page but go straight to the login page.
  Did anybody make it work or is the best way to implement a custom session timeout?
  Thanks,
  Dietmar.

  Hi All,
  Check out the Session Timeout plug-in available here:
  http://skillbuilders.com/plugins
  Let me know if that helps.
  Regards,
  Dan
  blog: http://DanielMcghan.us/
  work: http://SkillBuilders.com/APEX/

• Session Timeout and Url Redirect in BlazeDS?

  We have a JSF2 Webapp and Flex 4 integreated.
  Question
  1. How can we pass the parameters in web.xml to make FLEX4 redirect to login page when the session timeouts instead of giving a AMF Communication Error?
  Thanks,
  User.

  hi, i am also struggling with the same problem, have you got any solution

• In APEX clicking the hyper link doesn't trigger session timeout page

  Hi All,
  I have a question about the session time out in APEX application. I have created a simple APEX application. In the SQL report region section, i have code like this:
  SELECT DOC_Name, DOC_URL,
  '<a href="' || DOC_URL || ' target="_blank"/">Download file</a>' pdf_link
  FROM test_table
  where emp_number =00010001
  When user clicks on the hyper link, it will display the destination page to user(for example if DOC_URL = 'http://forums.oracle.com', it will display the oracle forum page in a new browser).
  But the issue is that, after user's session timeout (I set for 240 seconds through Shared Components>Edit Security Attributes, i set max the session timeout for example 240 seconds), when i click on this hyperlink, it doesn't trigger my session timeout page and it still displays the page (oracle forum page).
  Why in APEX clicking the hyper link doesn't trigger session timeout page after the user session timeout???
  how to implememt or fix to trigger the session timeout page after clicking on the hyperlinks?
  (BTW, our APEX version is 3.2)
  Thanks!

  Hi Lily,
  the reason for that behavior is that APEX is not involved anymore if you click on an external link. That's completely handled by your browser.
  To involve APEX timeout handling you could redirect to a specific page in your application which performs the final redirect.
  For example:
  1) Create a new page 999
  2) Create hidden page item P999_URL
  3) Create a before header PL/SQL process with the following source
  owa_util.redirect_url('http://'||:P999_URL);
  apex_application.g_unrecoverable_error := TRUE;If you want to embed a link, create a link to page 999 and set the page item P999_URL to forums.oracle.com
  You could also add a white list into the above code to verify that you are just redirecting to valid URLs, so that nobody is using your trusted application URL for phishing attacks.
  Hope that gives you a direction
  Patrick
  Regards
  Patrick
  My Blog: http://www.inside-oracle-apex.com
  APEX 4.0 Plug-Ins: http://apex.oracle.com/plugins
  Twitter: http://www.twitter.com/patrickwolf

• ADF Faces : session timeout best practice

  hi
  I made these small modifications to the web.xml file in the SRDemoSample application:
  (a) I changed the login-config from this ...
    <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
        <form-login-page>infrastructure/SRLogin.jspx</form-login-page>
        <form-error-page>infrastructure/SRLogin.jspx</form-error-page>
      </form-login-config>
    </login-config>... to this
    <login-config>
      <auth-method>BASIC</auth-method>
    </login-config>(b) I changed the session-timeout to 1 minute.
    <session-config>
      <session-timeout>1</session-timeout>
    </session-config>Please consider this scenario:
  (1) Run the UserInterface project of the SRDemoSample application in JDeveloper.
  (2) Authenticate using "sking" and password "welcome".
  (3) Click on the "My Service Requests" tab.
  (4) Click on a "Request Id" like "111". You should see a detail page titled "Service Request Information for SR # 111" that shows detail data on the service request.
  (5) Wait for at least one minute for the session to timeout.
  (6) Click on the "My Service Requests" tab again. I see the same detail page as in (4), now titled "Service Request Information for SR #" and not showing any detail data.
  question
  What is the best practice to detect such session timeouts and handle them in a user friendly way in an ADF Faces application?
  thanks
  Jan Vervecken

  Hi,
  no. Here's the content copied from a word doc:
  A frequent question on the JDeveloper OTN forum, and also one that has been asked by customers directly, is how to detect and graceful handle user session expiry due to user inactivity.
  The problem of user inactivity is that there is no way in JavaEE for the server to call the client when the session has expired. Though you could use JavaScript on the client display to count
  down the session timeout, eventually showing an alert or redirecting the browser, this goes with a lot of overhead. The main concern raised against unhandled session invalidation due to user
  inactivity is that the next user request leads to unpredictable results and errors messages. Because all information stored in the user session get lost upon session expiry, you can't recover the
  session and need to start over again. The solution to this problem is a servlet filter that works on top of the Faces servlet. The web.xml file would have the servlet configured as follows
  1.     <filter>
  2.         <filter-name>ApplicationSessionExpiryFilter</filter-name>
  3.         <filter-class>
  4.             adf.sample.ApplicationSessionExpiryFilter
  5.         </filter-class>
  6.         <init-param>
  7.             <param-name>SessionTimeoutRedirect</param-name>
  8.             <param-value>SessionHasExpired.jspx</param-value>
  9.         </init-param>
  10.     </filter>
  This configures the "ApplicationSessionExpiryFilter" servlet with an initialization parameter for the administrator to configure the page that the filter redirects the request to. In this
  example, the page is a simple JSP page that only prints a message so the user knows what has happened. Further in the web.xml file, the filter is assigned to the JavaServer Faces
  servlet as follows
  1.     <filter-mapping>
  2.             <filter-name>ApplicationSessionExpiryFilter</filter-name>
  3.             <servlet-name>Faces Servlet</servlet-name>
  4.         </filter-mapping>
  The Servlet filter code compares the session Id of the request with the current session Id. This nicely handles the issue of the JavaEE container implicitly creating a new user session for the incoming request.
  The only special case to be handled is where the incoming request doesn't have an associated session ID. This is the case for the initial application request.
  1.     package adf.sample;
  2.     
  3.     import java.io.IOException;
  4.     
  5.     import javax.servlet.Filter;
  6.     import javax.servlet.FilterChain;
  7.     import javax.servlet.FilterConfig;
  8.     import javax.servlet.ServletException;
  9.     import javax.servlet.ServletRequest;
  10.     import javax.servlet.ServletResponse;
  11.     import javax.servlet.http.HttpServletRequest;
  12.     import javax.servlet.http.HttpServletResponse;
  13.     
  14.     
  15.     public class ApplicationSessionExpiryFilter implements Filter {
  16.         private FilterConfig _filterConfig = null;
  17.        
  18.         public void init(FilterConfig filterConfig) throws ServletException {
  19.             _filterConfig = filterConfig;
  20.         }
  21.     
  22.         public void destroy() {
  23.             _filterConfig = null;
  24.         }
  25.     
  26.         public void doFilter(ServletRequest request, ServletResponse response,
  27.                              FilterChain chain) throws IOException, ServletException {
  28.     
  29.     
  30.             String requestedSession =   ((HttpServletRequest)request).getRequestedSessionId();
  31.             String currentWebSession =  ((HttpServletRequest)request).getSession().getId();
  32.            
  33.             boolean sessionOk = currentWebSession.equalsIgnoreCase(requestedSession);
  34.           
  35.             // if the requested session is null then this is the first application
  36.             // request and "false" is acceptable
  37.            
  38.             if (!sessionOk && requestedSession != null){
  39.                 // the session has expired or renewed. Redirect request
  40.                 ((HttpServletResponse) response).sendRedirect(_filterConfig.getInitParameter("SessionTimeoutRedirect"));
  41.             }
  42.             else{
  43.                 chain.doFilter(request, response);
  44.             }
  45.         }
  46.        
  47.     }
  This servlet filter works pretty well, except for sessions that are expired because of active session invalidation e.g. when nuking the session to log out of container managed authentication. In this case my
  recommendation is to extend line 39 to also include a check if security is required. This can be through another initialization parameter that holds the name of a page that the request is redirected to upon logout.
  In this case you don't redirect the request to the error page but continue with a newly created session.
  Ps.: For testing and development, set the following parameter in web.xml to 1 so you don't have to wait 35 minutes
  1.     <session-config>
  2.         <session-timeout>1</session-timeout>
  3.     </session-config> Frank
  Edited by: Frank Nimphius on Jun 9, 2011 8:19 AM

• Portal session timeout judge

  Hi everybody,
  I have a question about portal session timeout. Now we have a javascript for session timeout in Masthead iview, which can increase the time for the active user. It uses EPCM to rase the event. But our page has four iveiws, and there is a iview form that use the javascript to submit the request, and don't refresh the whole page, so it can't call our session timeout javascript to increase the time.
  Whether we can call the javascript from other iviews? Or do we have other ways to do the session timeout judge and increase the time by user's activity in sap portal ?
  Thanks

  Hi,
  Try to subscribe to EPCM events on all navigations in your code, which will in turn update the timer
      EPCM.subscribeEvent("urn:com.sapportals:navigation", "Navigate", pop);
      EPCM.subscribeEvent("urn:com.foo.bar.myapp", "myEvent", pop);
  You can also call the update timer method (in masthead) from your I view form code using AJAX, which will be more simpler.
  Regards,
  Santhosh

• How to fetch session timeout from the server

  Hi
  I want to subscribe about the value of the session timeout value from the server 
  from time to time , is there any way in the flex or through blazeds to achieve 
  this . 
  Thanks 
  Akshat

  Ernie,
  thanks for your suggestions. It seems my problem can't be solved in a smart way. To your question: My server space is limited ( 1 GB ), I use currently about 2/3 of it.
  I have access to the mails via the web interface and therefore I could forward the mails to my account but I would like to have all mails local on my Mac with the original time stamps and format. But that's not the case for forwarded mails. In addition for sure the problem is not solved, if I cure the current symptoms and I have no idea if it's caused by an update of my Mac or by the server.
  Werner

• Sun One w/htaccess, need to find session timeout

  All,
  Users login to web site using htaccess basic authentication, need to find out if there is a setting for session timeout.
  Thanks.

  Hello,
  Although I am a bit unclear about the question. But please see if the following helps;
  I can query the v$session to know about the SID. Here is a simple example;
  select  sid,
  substr(username,1,15) "DB UserName",
  substr(osuser,1,15) "OS UserName",
  substr(command,1,3) CMD,
  substr(machine,1,10) Machine,
  terminal, process, status,
  substr(program,1,50) "OS Program Name"
  from v$session
  where type = 'USER'
  order by usernameHere is a sample output;
              SID DB UserName     OS UserName     CMD MACHINE    TERMINAL         PROCESS      STATUS   OS Program Name
                7                 SYSTEM          0   ORAAPPPROD ORAAPPPROD       976          ACTIVE   ORACLE.EXE
                8                 SYSTEM          0   ORAAPPPROD ORAAPPPROD       3548         ACTIVE   ORACLE.EXE
  Additionally you can also review Oracle Metalink Script: How To Identify The apps User Using The O/S PID For Forms Users In 11i Doc ID: Note:185762.1.
  https://metalink.oracle.com/metalink/plsql/f?p=130:14:38346007578631471::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,185762.1,1,1,1,helvetica
  Hope it helps. Maybe others might add in this.
  Adith

• Erratic session timeout

  Hi
  We are getting erratic session timeout behaviour in our application. Debugging thru the application shows that occassionally, the session that is supposed to be associated with a particular login user gets swapped for another session that does not have seem to have any associations within the application.
  This is confirmed by printing out the session id when the user logs in and then comparing it with the session id when a timeout error occurs in our app. In our code, the condition when a timeout occurs is when the session is either null or the login id attribute we have previously set in the session is null. A common action in our app ensures that a new session is always created if it has been invalidated. However, in my debug code, I'd check if the session is new and print out different messages accordingly. In cases when we get the erractic timeouts, the debug message always tells me that the session is actually not a new one.
  My question is, where did this spurious session come from?
  Is there an issue with how weblogic handles session association with requests?
  We have tried using different browsers and the problem still occurs. The browsers all accept cookies and URLrewriting has been enabled. We have also tried varying the session timeout in weblogic.xml but this erratic session timeout still occurs before we actually reach the timeout period set. Lastly, there is only one single app running in a non clustered env.
  Any help to shed some light on this issue would be greatly appreciated.
  Cheers

  we are having a similar issue, were you able to resolve the issue?
  Thanks for your help in advance.