Topic
  • 1 reply
  • Latest Post - ‏2011-10-12T12:08:30Z by SystemAdmin
SystemAdmin
SystemAdmin
9224 Posts

Pinned topic Securty Authentication Timeout

‏2008-07-15T16:42:36Z |
NOTE: this thread was migrated from projectzero.org. Some content and formatting may have been lost in the move.


Originally posted by projectzero userid: adiaz - f=4&t=1063#p4434
Hi

I have protected an application with Form authentication and everything works fine. But, What I need to do in order to expire the sessions of those users that login through my form ? I have tried with:
/config/userZone/idleTimeout=5  <br/>
OR<br/>
/config/userZoneIdleTimeout=5


but doesnt work.


Thanks in advance.
Updated on 2014-03-25T05:44:33Z at 2014-03-25T05:44:33Z by iron-man
  • SystemAdmin
    SystemAdmin
    9224 Posts

    Re: Securty Authentication Timeout

    ‏2011-10-12T12:08:30Z  

    Originally posted by projectzero userid: todkap - f=4&t=1063#p4436
    Not sure which type of timeout you are looking for since the subject talks about authentication timeout (I would assume logout functionality) and the body talks about session (asuming you mean session invalidation)

    If you want to expire sessions, please refer to this section of the Developer's Guide
    http://www.projectzero.org/sMash/1.0.x/docs/zero.devguide.doc/zero.core/GlobalContext.html which discusses the user zone and also a command called invalidate.

    If you want to log a user out that is leveraging form based authentication, please refer to this section of the Developer's Guide
    http://www.projectzero.org/sMash/1.0.x/docs/zero.devguide.doc/zero.core/Authentication.html#Form_based_authentication which discusses how to define a handler for logging out or if you would prefer to expire sessions at the same time as logging out, one could leverage the programmatic logout support also detailed on this page.
    Updated on 2011-10-12T12:08:30Z at 2011-10-12T12:08:30Z by SystemAdmin