Setting user session timeout

Maximo Real Estate and Facilities provides a user session timeout feature, which is a more granular approach to user timeouts that are managed by the Real Estate and Facilities platform. This user session timeout is different from the application server timeout, and must be set to a value less than or equal to the application server timeout to function properly.

Overview

Administrators can take advantage of two types of Maximo® Real Estate and Facilities user session timeout settings: (1) a global user session timeout that is set in the Maximo Real Estate and Facilities Administrator Console, and (2) one or more timeout user groups, to which users can be added, that can override the global timeout setting in the Administrator Console.

Note: Auto refresh

If you enable the Auto Refresh option and enter the Refresh Time for a portal section or query section, then this setting keeps the session active.

Session timeout priority

The system will apply the higher user session timeout value. If the Maximo Application Suite has a higher timeout setting than Real Estate and Facilities, its timeout will be used. Otherwise, the Real Estate and Facilities timeout will take precedence.

Global user session timeout

You can set the global user session timeout in the Administrator Console as follows: System Info > TRIRIGA User Session Properties > User Session Timeout in Minutes field. The default field value is 30 minutes. If this field is set to a value greater than the application server timeout value, then a warning will be displayed in the Administrator Console.

In the User Session Properties section, an option named Enable Unique User Session Timeout is available. To give some background, Maximo Real Estate and Facilities supports multiple logins on different devices by the same user. Each one of these logins creates a new Maximo Real Estate and Facilities user session. By default, all of these sessions will stay active if at least one is active. If this option is selected, then each one of these user sessions will be handled separately when measuring activity. If any one session by the user is not active, it can expire while the other sessions by the same user can still remain active.

Another option named Disable User Session Timeout is also available. If this option is selected, then all Maximo Real Estate and Facilities user session timeout functionality will be disabled. In other words, this option will set the timeout behavior back to where it was prior to Application Platform 4.0.

Timeout user groups

You can create one or more Timeout User Group records to specify a timeout that overrides the global timeout setting in the Administrator Console. In Maximo Real Estate and Facilities, you can access the Timeout User Group Manager from the Maximo Real Estate and Facilities Global Menu as follows: Tools > System Setup > General.

Users who are added to a Timeout User Group will have their sessions expire according to the value specified in the User Session Timeout in Minutes field of that group. As a result, Maximo Real Estate and Facilities will ignore the global timeout value that is set in the Administrator Console. If the timeout value specified for a Timeout User Group is greater than the application server timeout value, then a warning will be displayed in the Administrator Console.

Note: Multiple groups

One known limitation is that users can be added to multiple Timeout User Groups. In this scenario, the largest of the timeout values will be honored.
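The resolution rules described above (group value overrides global, the largest group value wins, and the higher of the platform and Maximo Application Suite values applies) can be checked against a planned configuration before it is entered. The following is an added example, not product code: the class, function names, sample users and groups, and the `policy_max_minutes` threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class TimeoutConfig:
    global_minutes: int = 30       # page default for the global field
    app_server_minutes: int = 60   # constructed value
    mas_minutes: int = 0           # Maximo Application Suite timeout, constructed value
    groups: dict = field(default_factory=dict)       # Timeout User Group -> minutes
    memberships: dict = field(default_factory=dict)  # user -> list of group names

def platform_timeout(cfg, user):
    # A group value overrides the global value; with several groups the largest wins.
    values = [cfg.groups[g] for g in cfg.memberships.get(user, []) if g in cfg.groups]
    return max(values) if values else cfg.global_minutes

def effective_timeout(cfg, user):
    # Session timeout priority: the higher of the two products' values applies.
    return max(platform_timeout(cfg, user), cfg.mas_minutes)

def audit(cfg, policy_max_minutes):
    # policy_max_minutes is a hypothetical local policy limit, not a product setting.
    findings = []
    configured = [("global", cfg.global_minutes)] + sorted(cfg.groups.items())
    for name, minutes in configured:
        if minutes > cfg.app_server_minutes:
            findings.append(f"{name}: {minutes} min exceeds application server timeout")
    for user in sorted(cfg.memberships):
        minutes = effective_timeout(cfg, user)
        if minutes > policy_max_minutes:
            findings.append(f"{user}: effective timeout {minutes} min exceeds policy")
    return findings

# Constructed sample configuration.
SAMPLE_CONFIG = TimeoutConfig(
    global_minutes=30, app_server_minutes=60, mas_minutes=20,
    groups={"kiosk": 10, "night-shift": 120},
    memberships={"alice": ["kiosk"], "bob": ["kiosk", "night-shift"], "carol": []},
)

if __name__ == "__main__":
    for user in sorted(SAMPLE_CONFIG.memberships):
        print(user, effective_timeout(SAMPLE_CONFIG, user))
    print(audit(SAMPLE_CONFIG, policy_max_minutes=30))
```

In the sample, the 10-minute group intended for alice is raised to 20 minutes by the higher Maximo Application Suite value, and bob's second group membership raises his timeout to 120 minutes.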

Session timeout dialogs

Session timeout. The Session timeout warning dialog will appear 2 minutes before the user session expires. The dialog will display 2 buttons: Log out and Stay logged in.

Login to continue. The Login to continue dialog will appear if the user session expires on non-SSO environments. The dialog will provide a Password field. Click the Continue button to close the dialog and stay in the same screen that you were in before the timeout occurred without losing unsaved data. Otherwise, click the Switch user button to return to the main login screen.

Session expired. The Session expired dialog will appear if the user session expires on SSO environments. Click the Renew session button to re-authenticate with your SSO credentials. If necessary, you will be prompted to re-authenticate with the SSO server. Upon successful authentication, the dialog will close, and you will stay in the same screen that you were in before the timeout occurred without losing unsaved data. Otherwise, click the Switch user button to return to the main login screen.

Note: Main navigation

These dialogs will only be displayed on the browser window that contains the main Maximo Real Estate and Facilities navigation.

Note: Timeout delays

The actual user session timeout might be delayed by several minutes because the back-end process that checks whether the user inactivity limit has elapsed runs every 10 minutes. The timeout might encounter an additional 3-minute delay because a related back-end process that records the user activity timestamp runs every 3 minutes.

User session logging

To view the log details in the security.log file when either a Maximo Real Estate and Facilities user session timeout occurs or an application server timeout occurs, you can enable the following logging categories in the Platform Logging tab of the Administrator Console: Security Logging and HTTP Session Termination Logging.

If a Maximo Real Estate and Facilities user session timeout occurs, a logging message similar to the following will appear in the security.log file:

AuthenticationDAO.stopUserSession:  For user: [1234]  Log-off type: 
   [TRIRIGA USER SESSION TIMEOUT]

If an application server timeout occurs, a logging message similar to the following will appear in the security.log file:

TririgaIBSHttpSessionListener.sessionDestroyed:  Session ID: [123456789]  
   For user: [1234]; Application Server Session Inactivity Timeout - Time 
   since server session expired: [89000ms]
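The two message formats above can be separated when reviewing security.log. This is an added example, not product code: the function names, the timestamp prefix, the second user's log-off type and the sample text are constructed, and the patterns assume the real messages keep the wording shown on this page.

```python
import re
from collections import defaultdict

# \s+ between fields tolerates the line wrapping shown in the messages above.
USER_RE = re.compile(
    r"AuthenticationDAO\.stopUserSession:\s+For user:\s+\[(?P<user>[^\]]+)\]"
    r"\s+Log-off type:\s+\[(?P<kind>[^\]]+)\]")
SERVER_RE = re.compile(
    r"TririgaIBSHttpSessionListener\.sessionDestroyed:\s+Session ID:\s+\[(?P<sid>[^\]]+)\]"
    r"\s+For user:\s+\[(?P<user>[^\]]+)\];\s+Application\s+Server\s+Session\s+Inactivity"
    r"\s+Timeout[^\[]*\[(?P<ms>\d+)ms\]")

def parse_timeouts(text):
    """Return timeout events in file order, tagged by which timeout ended the session."""
    events = []
    for m in USER_RE.finditer(text):
        if m["kind"] == "TRIRIGA USER SESSION TIMEOUT":  # skip other log-off types
            events.append((m.start(), {"source": "user_session", "user": m["user"]}))
    for m in SERVER_RE.finditer(text):
        events.append((m.start(), {"source": "app_server", "user": m["user"],
                                   "session_id": m["sid"], "expired_ms": int(m["ms"])}))
    return [event for _, event in sorted(events, key=lambda pair: pair[0])]

def server_only_users(events):
    """Users whose sessions were ended only by the application server timeout."""
    seen = defaultdict(set)
    for event in events:
        seen[event["user"]].add(event["source"])
    return sorted(user for user, sources in seen.items() if sources == {"app_server"})

# Constructed sample; the timestamps and "EXAMPLE OTHER TYPE" are placeholders.
SAMPLE_LOG = """\
2024-01-01 09:00:00 AuthenticationDAO.stopUserSession:  For user: [1234]  Log-off type:
   [TRIRIGA USER SESSION TIMEOUT]
2024-01-01 09:05:00 AuthenticationDAO.stopUserSession:  For user: [5678]  Log-off type: [EXAMPLE OTHER TYPE]
2024-01-01 09:10:00 TririgaIBSHttpSessionListener.sessionDestroyed:  Session ID: [123456789]
   For user: [4321]; Application Server Session Inactivity Timeout - Time
   since server session expired: [89000ms]
"""

if __name__ == "__main__":
    parsed = parse_timeouts(SAMPLE_LOG)
    print(parsed)
    print(server_only_users(parsed))
```

A user who appears only in the application server list is a prompt to compare the two configured values, since the user session timeout must be less than or equal to the application server timeout to function properly.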