Resetting of the session cache entry lifetime value

The user's session cache entry has a limited lifetime, as specified by the timeout stanza entry in the [session] stanza of the webseald.conf configuration file. The default value, in seconds, is 3600 (1 hour):

[session]
timeout = 3600

Regardless of session activity or inactivity, the session cache entry is removed when the lifetime value is reached, at which point the user is logged off.

However, we can configure the lifetime of the session cache entry to be reset whenever reauthentication occurs. With this configuration, the user session no longer has a single maximum lifetime value. Each time reauthentication occurs, the lifetime value of the session cache entry is reset.

We can configure session cache entry lifetime reset with the reauth-reset-lifetime stanza entry in the [reauthentication] stanza of the webseald.conf configuration file:

[reauthentication]
reauth-reset-lifetime = yes

The default value is "no".

Parent topic: Reauthentication