|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 3122 | minor | always | 12-05-08 09:15 | 03-26-09 18:08 | |
|
|
|||||
| Reporter: | ferg | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | urgent | OS Version: | |||
| Status: | closed | Product Version: | 3.2.1 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 4.0.0 | ||
|
|
|||||
| Summary: | 0003122: cluster sessions not expiring | ||||
| Description: |
(rep by Richard Grantham) Well, usually it's 60 minutes. The 60 second timeout is set when someone closes the browser without logging out (JavaScript catches the event and calls a JSP which sets the new session timeout with session.setMaxInactiveInterval(60)). This is so that if someone loses their connection to the internet they will be able to continue working without issue when it comes back (assuming it's back in under an hour). The timeout is being set by the JSP but is not acted upon. Perhaps I should explain the use case. Our application maintains a list who is logged into the system. It also allows people to lock things for editing. So that people can't lock things and go off on holiday preventing others from working we unlock anything they have locked and clear them out of the logged in list when a session is invalidated. Right now people are just closing the browser and going home and their colleagues are unable to continue the work the next day. I'd agree that half the issue is education ("please press logout") but it's also something we need to be pro-active about. |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
|
|
|||||
|
|
||||