By managing sessions, you control how long an authenticated and authorized user can access the resource. You can control sessions by:
Idle timeouts protect against unauthorized use of the resource by limiting the amount of time the session remains active if it is not being used. The idle timeout is particularly useful in cases where users leave their computer without logging out of their session. When the idle timeout limit is reached, the session automatically ends.
Maximum timeouts protect against unauthorized use of a resource by forcing an authenticated user to re-authenticate after a specified time. This safeguard ensures that if an authenticated user leaves the computer without logging out and someone else uses the open session, the session will end after a specified amount of time, and the user must re-authenticate to continue using the resource.
In addition to managing how long a session can remain active, you can also end a session immediately if you suspect the integrity of a resource has been compromised. Once a user session has been revoked, the user is disabled in the user directory until you have re-enabled the user using the Administrative UI.
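The following sketch is an added example, not code from the product or its documentation, showing how the three controls above interact on each request. The class and method names, the timeout values, and the in-memory set standing in for the user directory are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Session:
    user: str
    created: float      # time of authentication, in seconds
    last_used: float    # time of the most recent accepted request

class SessionManager:
    """Hypothetical policy enforcer; names are assumptions, not a product API."""

    def __init__(self, idle_timeout, max_timeout):
        self.idle_timeout = idle_timeout
        self.max_timeout = max_timeout
        self.sessions = {}            # session id -> Session
        self.disabled_users = set()   # stands in for the user directory flag

    def login(self, sid, user, now):
        if user in self.disabled_users:
            return "denied: user disabled"
        self.sessions[sid] = Session(user, created=now, last_used=now)
        return "ok"

    def check(self, sid, now):
        """Validate one request; return 'ok' or the reason the session ended."""
        s = self.sessions.get(sid)
        if s is None:
            return "no session"
        if now - s.created >= self.max_timeout:
            reason = "maximum timeout"   # activity never extends this limit
        elif now - s.last_used >= self.idle_timeout:
            reason = "idle timeout"
        else:
            s.last_used = now            # activity resets only the idle clock
            return "ok"
        del self.sessions[sid]           # ended sessions cannot be resumed
        return reason

    def revoke(self, sid):
        """End the session immediately and disable its user until re-enabled."""
        s = self.sessions.pop(sid, None)
        if s:
            self.disabled_users.add(s.user)

    def enable_user(self, user):
        self.disabled_users.discard(user)
```

A continuously active session still ends at the maximum timeout, which is the case the idle timeout alone does not cover.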
Note: More information about managing sessions exists in the Administration Guide.
You can also implement persistent sessions to provide Windows security context functionality and support for Federated Web Services.
Copyright © 2010 CA. All rights reserved.