|
|
|
Each user session includes session timeout information. The timeout values let you determine the length of an active session and the amount of session inactivity that can pass before a session is invalid. You configure session timeouts on a per-realm basis using the following timeout options.
|
Name |
Purpose |
|---|---|
|
Maximum Timeout (All sessions) |
Specifies the maximum amount of time a user session can be active before the Web Agent challenges the user to re-authenticate. You can override this setting using the WebAgent-OnAuthAccept-Session-MaxTimeout response attribute. |
|
Idle Timeout (All sessions) |
Specifies the amount of time that a user session can be idle before the Web Agent terminates the session. If the session expires, a user must re-authenticate. Note: For persistent sessions, this value must be greater than that specified by Session Validation Period. You can override this setting using the WebAgent-OnAuthAccept Session-Idle-Timeout response attribute. |
|
Session Validation Period (Persistent Sessions) |
For persistent sessions only, specifies the maximum period between Agent calls to the Policy Server to validate a session. Session validation calls perform two functions: informing the Policy Server that a user is still active and checking that the user's session is still valid. |
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |