3.4 Setting Session Timeout

Both the Dashboard and the Operations Center server to which the Dashboard has established a connection times out based on inactivity.

3.4.1 Configuring Dashboard Session Timeout

There are two types of session timeout that affect the Dashboard user:

  • Server Connection Timeout: Dashboard portlets will attempt to reconnect to an Operations Center server that has timed out or gone down as long as the Dashboard application has not timed the user out of the Dashboard session. By default, a connection timeout occurs after 30 minutes of inactivity with the Operations Center server.

  • User Session Timeout: By default, if a user does not perform any activity in the Dashboard for 30 minutes, the user is warned that the session will expire. The user can remain logged into the Dashboard for an additional 30 minutes by responding to the notification.

To change Dashboard session timeouts:

  1. To configure the server connection timeout, add or update the mo.remoteserver.context.keepAliveTime property value in the Formula.custom.properties file. Set the property to the number of minutes of inactivity to trigger the connection timeout with the Operations Center server.

    We suggest setting this property to a time longer than the desired user session timeout.

    For information about creating or using the Formula.custom.properties file, see Making Custom Changes in the Operations Center 5.6 Server Configuration Guide.

  2. To set the user session timeout, update the following line in the /OperationsCenter_Dashboard_install_path/server/webapps/ROOT/WEB-INF/web.xml file for the number of minutes before timeout:

    <session-config>
     <session-timeout>30</session-timeout>
    </session-config>
    

3.4.2 Disabling Dashboard Session Timeout

By default, session timeout is enabled for the Dashboard. To extend sessions and keep them open as long as the user’s browser is open and a portal page is loaded, update the portal-ext.custom.properties file. When extending sessions, a smaller session.timeout value, such as 5 minutes, must be set.

To halt session timeout:

  1. By default, the server connection timeout is set to 30 minutes. Verify the mo.remoteserver.context.keepAliveTime property setting in the Formula.custom.properties file to adjust the connection timeout with the Operations Center server.

    For information about creating or using the Formula.custom.properties file, see Making Custom Changes in the Operations Center 5.6 Server Configuration Guide.

  2. Stop the Dashboard server.

    For more information, see Section 2.3.2, Stopping the Dashboard.

  3. Update the /OperationsCenter_Dashboard_install_path/server/webapps/ROOT/WEB-INF/classes/portal-ext.custom.properties file to add the following line:

    session.timeout.auto.extend=true
    

    For more information about the portal-ext.custom.properties file, refer to Section 3.9, Understanding Portal Properties Files.

  4. Update the /OperationsCenter_Dashboard_install_path/server/webapps/ROOT/WEB-INF/web.xml file to set a smaller session timeout:

    <session-config> <session-timeout>5</session-timeout> </session-config>

    It is recommended to set the session timeout to 5 minutes.

  5. Start the Dashboard server.

    For more information, see Section 2.3.1, Starting the Dashboard.

3.4.3 Configuring the “Remember Me” Feature and Setting Browser Cookie Lifespan

When using the Remember Me feature for auto-login, the cookie lifespan can be configured to expire after a specific length of time, or after each browser session.

By default, the Remember Me feature is enabled in the portal-ext.custom.properties file using the company.security.auto.login setting.

To configure Remember Me and cookie lifespan:

  1. Open the /OperationsCenter_Dashboard_install_path/server/webapps/ROOT/WEB-INF/classes/portal-ext.custom.properties file.

  2. To configure cookie lifespan, add the following line and set to the length of time (in seconds) to expire:

    company.security.auto.login.max.age=31536000

    31536000 sets a lifespan of one year. Set to -1 to expire after each browser session.

  3. To disable the Remember Me auto login feature, add the following line:

    company.security.auto.login=false