The first step is to run the SQL script $ORACLE_HOME/sso/admin/plsql/sso/ssogito.sql. The script is typically installed on the same machine where the SSO server is located. Follow these steps:
- Navigate to $ORACLE_HOME/sso/admin/plsql/sso
- Login to SQL prompt as the ORASSO schema account
- Execute the ssogito.sql script
SQL> @ssogito.sql
=============================================
SSO Server Inactivity Timeout Configuration
=============================================
Timeout : DISABLED
Cookie name : OSSO_USER_CTX
Cookie domain :
Inactivity period: 15 minutes
Encryption key : 81C109596C2218D0
Note: timeout cookie domain will be defaulted
to the SSO Server hostname
-------------------------------------------
To disable timeout set inactivity period to 0, (zero)
Press return key twice if you do not want to change timeout configuration.
PL/SQL procedure successfully completed.
Enter value for timeout_cookie_domain:
Enter value for inactivity_period: 2
Timeout : ENABLED
New timeout cookie domain:
New inactivity period : 2 minutes
Note: timeout cookie domain will be defaulted to the SSO Server hostname
PL/SQL procedure successfully completed.
No errors.
The ssogito.sql script will then prompt for a new timeout cookie domain and a new inactivity period.
Leaving the cookie domain blank will default it to the domain name of the machine where the SSO server is running. For example, if the system is named host.domain.com, enter the timeout_cookie_domain as ".domain.com". Note the leading "." (dot) before the domain name.
Step 2: Enable the HTTP Server to check for Inactivity Timeouts
Edit $ORACLE_HOME/Apache/Apache/conf/mod_osso.conf and locate the OssoIdleTimeout directive. By default it is set to off. Change the setting as shown below:
OssoIdleTimeout on
Step 3: Restart Oracle AS infrastructure components
Restart all the infrastructure components by running opmnctl stopall followed by opmnctl startall.
Step 4: How to Test GITO
Check to see if a user's session is properly timed out after a period of inactivity. For testing purposes it is best to set the timeout period to a low number such as 3 minutes when the ssogito.sql script is run. Once GITO is working properly then the ssogito.sql script can be re-run to set the desired timeout period.
To properly test GITO, open a new browser and access the OIDDAS application or the /private page. Log in to SSO with a valid username and password and note the wall clock time. Leave the browser session open with no SSO access for approximately 10 seconds longer than the set timeout period.
If testing with OIDDAS, then try clicking on one of the tabs. If GITO is working properly, the user should see the following message:
Error: Your session has timed out. Please log on again. (WWC-53049)
Steps to perform on each mid-tier
In the file mod_osso.conf, ensure that the parameter OssoIdleTimeout exists and is set to on. The path to this file is as follows:
$ORACLE_HOME/Apache/Apache/conf/mod_osso.conf
Restart the midtier HTTP server (OHS):
$ opmnctl restartproc ias-component=HTTP_Server
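A quick audit of the mid-tier settings described above, as an added example that is not part of the original post or of Oracle's tooling: it reads the OssoIdleTimeout value from mod_osso.conf and checks that each host name falls inside the timeout cookie domain. The function names, the sample conf contents and apps.domain.com are assumptions made for illustration, and the domain check assumes standard browser cookie domain matching.

```shell
#!/bin/sh
# Added example (not Oracle-supplied): audit GITO settings on a mid-tier.

# Print the OssoIdleTimeout value found in a mod_osso.conf: on, off or missing.
# Directive names are matched case-insensitively and commented lines skipped.
# Simplification: if the directive appears more than once, the last one is reported.
osso_idle_timeout_state() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        /^[ \t]*#/ { next }                     # skip commented-out directives
        tolower($1) == "ossoidletimeout" { state = tolower($2) }
        END { print (state == "" ? "missing" : state) }
    ' "$1"
}

# Return 0 if a cookie scoped to DOMAIN is sent to HOST under standard browser
# domain matching: HOST equals DOMAIN or is a subdomain (leading dot ignored).
cookie_domain_covers() {
    d=$(printf '%s' "$1" | tr 'A-Z' 'a-z'); d=${d#.}
    h=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ -n "$d" ] || return 1
    case "$h" in
        "$d" | *".$d") return 0 ;;
        *) return 1 ;;
    esac
}

# audit_gito CONF COOKIE_DOMAIN HOST...
# Prints one FAIL line per problem, or OK; returns non-zero if anything failed.
audit_gito() {
    conf=$1; domain=$2; shift 2; rc=0
    state=$(osso_idle_timeout_state "$conf")
    [ "$state" = on ] || { echo "FAIL OssoIdleTimeout is $state in $conf"; rc=1; }
    for host in "$@"; do
        cookie_domain_covers "$domain" "$host" ||
            { echo "FAIL $host is outside cookie domain $domain"; rc=1; }
    done
    [ "$rc" -eq 0 ] && echo "OK"
    return "$rc"
}

# Constructed sample input: directive commented out once, then enabled with odd casing.
demo_conf=$(mktemp)
printf '%s\n' '<IfModule mod_osso.c>' '  # OssoIdleTimeout off' \
    '  ossoIdleTimeout On' '</IfModule>' > "$demo_conf"
audit_gito "$demo_conf" .domain.com host.domain.com apps.domain.com || true
rm -f "$demo_conf"
```

On a real mid-tier, pass $ORACLE_HOME/Apache/Apache/conf/mod_osso.conf as the first argument, followed by the cookie domain entered in ssogito.sql and the host names users browse to.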
And what if the SSO server and the virtual hosts on the mid-tier do not run on the same domain?
For instance: the sso runs on authentication.com, the midtier has multiple virtual hosts like website.org and application.us.
Then what would the cookie domain have to be?