SSO Session duration Timeout:
It is defined as the number of hours user is logged into the server before the session expires. The default is eight hours. In other words, SSO session timeout is a wall-clock timer that times out the session regardless of whether is user is active or not.
The SSO_ID cookie simply becomes invalid after the specific number of hours after the user was first authenticated. This timeout is always set and cannot be disabled but can be set to a higher value.
The SSO session duration timeout can be set by any administrator who logs into the SSO Server home page. Click the “SSO Server Administration” link followed by the “Edit SSO Server Configuration” link.
Global Inactivity Timeout (GIT)
It is an inactivity timeout. It fires when the user has not done anything with the protected application longer than the timeout period. This value is configured & enabled using the ssogito.sql script. The GIT is supported by mod_osso module.
To enable the GIT feature, $ORACLE_HOME/sso/admin/plsql/sso/ssogito.sql script must be run while logging into the Metadata Repository as the ORASSO user.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment