cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Qualifications for end of Session
An end of session is usually caused by the web browser being closed.
<CookieDBExpireTime> does not set the expire time for the cookie in the user's
browser. It tells IISCosign how long the locally cached copies of the service
cookies -- the files located in [c:\path\to]\iiscosign\cookiedb -- are good on
your cosign-protected web server before it asks the central login server if a
service cookie is still good.
As far as the 'central login session' cookie, this value is set on the login
server. I believe the default is around 8 hours, but take that with a
salt as it is customizable for each login server. Note that even if your
service cookie 'expires' every couple of minutes (the default value) if the
user is still logged in, a new service cookie is issued.
--University of Michigan
--Information Technology Central Services
Quoting "Whyte, Michael" <mjw20@xxxxxxx>:
The cookie in my browser says it expires at end of session. What
initiates an end of session? The cookie DB setting in the
cosign.dll.config is set to about 10 hours.
Just want to know what signifies so that we can create user warnings and
or auto state saving of information on a web form, when page is idle.
Just to save time and email exchanges, below is a copy of the config.
<LogFilePath fileSizeInKB="4096" >C:\Program
<ConnectionPool size="4" /><!--4-->
<CookieDBExpireTime seconds="36000" />
Penn State University
Office of Research Information Systems