The duration of Enterprise Portal sessions are controlled by the following timeout properties, which the administrator can adjust, based on the requirements of the enterprise:
sessionDuration – defines a specific amount of time that a user’s Enterprise Security PortalSession object remains active. The PortalSession is the token by which the portal determines a user’s access rights. When a user remains logged in for the specified duration, the PortalSession times out, and the user must log in again.
com.sybase.jaguar.server.authtimeout – defines the period of time, during which, if no user activity is detected, the EAServer authentication session times out, and the browser becomes an anonymous user. If activity continues, a user can remain logged in to the portal indefinitely.
com.sybase.jaguar.webapplication.session-config – defines the EAServer HTTP session timeout. If the HTTP session times out first, the session is reauthenticated automatically, but information about the HTTP session may be lost.
To limit everyone to a specific amount of time in the portal, set sessionDuration and com.sybase.jaguar.server.authtimeout to the same value. To limit activity, set com.sybase.jaguar.server.authtimeout to the preferred value, and set sessionDuration to twice that value. Setting the value of sessionDuration too high wastes resources.
Setting the sessionDuration property
In any text editor, open the securities.properties file, which is located in the java/classes/com/sybase/ep/security subdirectory of your EAServer installation.
Search for this line:
sessionDuration=3600
Sybase recommends that you set the value of sessionDuration to 3600. The value of this property is expressed in seconds; the default value, 3600, equals one hour. This value defines the absolute time limit that a user can stay logged in to the same portal session. The time begins when the user logs in, and when time expires, the user must to log in again and establish a new session.
Save and close the file.
Setting the com.sybase.jaguar.server.authtimeout property
Assuming EAServer is running, start Jaguar Manager.
On UNIX or Linux:
Set the JAGUAR environment variable to the location of your EAServer installation; for example:
setenv JAGUAR /work/Sybase/EAServer
Change to the $JAGUAR/bin directory, and run:
jagmgr.sh
On Windows, select Select Start | Programs | Sybase | EAServer 4.2.2 | Jaguar Manager.
In the Jaguar Manager window, select Tools | Connect; then, on the connection screen, enter:
User
Name: jagadmin
Password: the password for jagadmin; the default is an empty string
Host Name: your machine name
Port Number: 9000
Click Connect.
Expand the Servers folder, then highlight Jaguar, and select File | Server Properties.
Select the All Properties tab, and scroll through the list of server properties to find:
com.sybase.jaguar.server.authtimeout
Double-click the property name, and set its value to 1800 (30 minutes).
Click OK.
Highlight Jaguar, and select File | Shutdown and Start.
Setting the com.sybase.jaguar.webapplication.session-config
property
In Jaguar Manager, expand these successive folders: Servers, Jaguar, Web Applications.
Highlight “onepage,” and select File | Web Application Properties. In the Web Application Properties dialog box, select the General tab.
Set the value of Session Timeout to an appropriate value; the default is 60 minutes.
Click OK to save your changes.
