Configure Session Timeouts
With Operations Hub, you can configure how soon a login session expires when a session is idle.
Before doing so, consider which application sessions you need to configure. The Designer, the End-app, and Proficy Authentication (formerly UAA) each can have its session timeout configured independently.
Operations Hub Session Timeouts
Access the web.xml
file from these locations, and update the
configuration as follows, for End-app and Designer session timeouts respectively:
C:\Program Files\GE\Operations Hub\iqp-tomcat\webapps\app\WEB-INF
C:\Program Files\GE\Operations Hub\iqp-tomcat\webapps\site\WEB-INF
<session-config>
<session-timeout>30</session-timeout>
</session-config>
web.xml
) is not shorter than the session
timeout as shown
here:<session-config>
<session-timeout>2</session-timeout>
<cookie-config> <max-age>120</max-age> </cookie-config>
</session-config>
session-timeout
and cookie-config/max-age
are in different units of measurement (see
note below).Additionally, if you set either of the session timeouts greater than one hour in
web.xml
, you also need to add a system environment variable
SESSION_DESTROY_TIMEOUT
with value session_timeout_in_millisec + 10
minutes in millisec
. For example, if you set a session timeout to two hours,
then set it to 130 * 60 * 1000 = 7800000
.
- Restart IQP tomcat service whenever you reconfigure any of the settings/parameters mentioned above.
session-timeout
is measured in minutes, whereascookie-config/max-age
is measured in seconds.- Any manual configuration changes, including changes for timeouts, are overwritten on upgrade.
Proficy Authentication Session Timeout
Proficy Authentication session timeout decides how long your Proficy Authentication login session remains valid. It in turn determines whether you need to enter the credentials again when logging into an application that depends on Proficy Authentication for login.
Example: If the session timeout for Operations Hub Designer is set to 30 minutes, and Proficy Authentication is set to one hour, then you are not required to enter the credentials to re-login if the Designer session times out within one hour. You need to enter credentials only when the Designer session lasts longer than an hour, or you explicitly log out of a session.
web.xml
file from
C:\ProgramFiles\GE\Proficy
Authentication\uaa-tomcat\webapps\uaa\WEB-INF
or
C:\ProgramFiles\GE\Operations Hub\uaa-tomcat\webapps\uaa\WEB-INF)
,
and update the configuration as
follows:<session-config>
<session-timeout>30</session-timeout>
</session-config>
The
cookie’s max-age may also need to be adjusted, similar to Operations Hub session
timeouts.