DaveGoosem
5/17/2013 - 2:09 AM

To set the session timeout value for admin Sitecore users.

To set the session timeout value for admin Sitecore users.

sessionTimeout.xml
content_copyfile_download
<!--
Session expiration for the Sitecore Client.

When managing Client sessions, Sitecore keeps track of every user logged in to the system and assigns a Sitecore user ticket to every user accessing a Sitecore Client application. Sitecore Client user session is not limited in time and is kept alive until the browser is opened.

However, if after 8 hours of the current user inactivity another user logs in and the current Sitecore license used has a concurrent number of users limitation – a newly logged in user may take the currently logged in user’s license slot. Current user will be redirected to the login page when trying to use any Sitecore Client application if there are no more available license slots left for him to automatically re-login to the system.

If  8 hours inactivity period is too long and needs to be changed, the following workaround can be applied:
Copy the Sitecore.Support.323551.dll assembly to the \bin folder.
http://sdn.sitecore.net/upload/faq/session%20expiration/sitecore.support.323551.dll.zip

Add the following agent into the <scheduling> section in web.config:
-->

<!-- Agent to expire idle license slots -->
<agent type="Sitecore.Support.SessionTimeout.ExpirationAgent" method="Run" interval="00:05:00"/>

<!--Add the following setting into the <settings> section in web.config:-->

<!--  Timeout value for idle license slots (minutes)  -->
<setting name="Authentication.SessionTimeout" value="3"/>

<!-- When logging in to Sitecore Client, it is also possible to check the “Remember Me” checkbox. When checked, the appropriate persistent cookie will 
be created that will allow user automatically re-login to the system without having to enter his credentials. Expiration period for the cookie is 
configured by "Authentication.ClientPersistentLoginDuration” setting in web.config: -->

<!--  CLIENT PERSISTENT LOGIN DURATION
       Specifies the number of days before client "remember me" information 
        expires. The default is 180 days.
-->
<setting name="Authentication.ClientPersistentLoginDuration" value="180"/>