Versions Compared

Version Old Version 11 New Version 12
Changes made by

Andreas Marinello

Marc Burkhard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

This article describes provides detailed instructions on how to configure logout timouts timeouts in the CoreOne Suite. It explains the available options, how to adjust the timeout settings, and the implications for user sessions and security.

Table of Contents
Info

On this page, you will get find more information about the liftetime lifetime of any token tokens and details about the clients: . It covers how token lifetimes are managed and how they can be configured for specific clients. Client

Tokens

It is possible to You can configure the lifetime of any token for any client in the Web-GUI. Navigate to CoreOne Admin UI. To do this, navigate to the following page in the CoreOne Suite: SSO → Application → CoreOne Suite → Choose any client that you want to configure (Pencil-button on the right side of the client).

For details more information about tokens and their lifetimes, please visit: Token

Inactivity Logout - Admin UI

If the user is remains inactive (no request was i.e., no requests are made) for a certain amount of timespecified period, the application will do a logout of log the user . The amount of time may be configured within the installer out. This timeout duration can be configured during installation or later in the .json file.: FrotendWeb_ApplicationConfiguration.json found at C:\ProgrammData\itsense\Configuration\

...

SSO Session Cookie - IdP Setting

For how long the The duration for which the IdP's session cookie of the IdP is kept, retained can be configured within the CoreOne Admin UI. Navigate to Single Sign-On (SSO) → Settings

...

  • LoginCookieExpiration in seconds
    Determines for Specifies how long a session cookie is being keptretained. See Setting 13 in Settings

  • LoginCookieExpiration is sliding
    Is This is a boolean value to set wether or not that determines whether the login cookie should follow a sliding expiration period and therefore be extended with new requests. See Setting 14 in Settings

  • EnableRememberMe
    Whether or not Decide whether to show the 'Remember Me' button on the authentication page. See Setting 11 in Settings

  • RememberMeDuration in seconds
    The lifetime of the remember me cookie in seconds. See Setting 12 in Settings

...

In the IIS Manager navigate to: Sites → CoreOne Authentication Service / CoreOne Web Service / CoreOne Self-Service → Session State → Cookie Settings

It is adviced advised to set this setting according to LoginCookieExpiration in seconds

...