Agent Guides › Web Agent Guide › Single Sign-On (SSO) › How to Configure Single Sign-On › Modify the Session Grace Period

Modify the Session Grace Period

Web pages usually consist of many resources, all of which are potentially protected by the Web Agent. For each resource associated with a single request, a session cookie is generated. To eliminate the overhead of generating multiple session cookies for a single user request, set the following parameter:

SessionGracePeriod

Specifies the number of seconds during which a SiteMinder session (SMSESSION) cookie will not be regenerated. Cookies are not regenerated when all of the following conditions are met:

• There is no URL SMSESSION cookie.
• The difference between the current time and the last access time of the received SMSESSION cookie is less than or equal to the SessionGracePeriod.
• The amount of time between the current time and the time when the received cookie would have been idle exceeds two grace periods. For example, if your grace period is 25 minutes and the idle time-out is 60 minutes, SiteMinder regenerates a session cookie after 10 minutes, because then there are less than two grace periods (50 minutes) of time left before the session goes idle.

Default: 30

To modify the session grace period

1. Change the value of the SessionGracePeriod parameter.
2. If you increased the setting for the SessionGracePeriod parameter in Step 1, use the Policy Server User Interface to ensure both of the following values in all of your realms do not exceed the value of the SessionGracePeriod parameter:
   • Session timeout value
   • Idle timeout value

   The session grace period is changed.

   Note: Session timeouts are part of configuring a realm, which you do using the Policy Server User Interface. For further instructions on configuring session timeouts, see the Policy Server documentation.