liferay session not expired after timeout.

Durai pandian, modified 6 Years ago.

New Member Posts: 11 Join Date: 10/25/12 Recent Posts

Hello All,

I have set the below session configs.

session.timeout=15
session.timeout.warning=13
session.timeout.auto.extend=false
session.timeout.redirect.on.expire=true
In web.xml the timeout is set to 15.

I have created a hook to session_timeout.jspf to set "sessionRedirectUrl" to a public page where the timeout error message displayed.

The output I got is very strange. After timeout the user redirected to the expected page but I can see still the session is there. It is not get invalidated.
Please help me what I have missed.

Thanks in advance.

David H Nebinger, modified 6 Years ago.

RE: liferay session not expired after timeout.

Liferay Legend Posts: 14933 Join Date: 9/2/06 Recent Posts

There may still be a session in place, but contents might have been wiped.

Have you verified if the session contains something you're worried about?

Also if you have set the session.phishing.protected.attributes property in portal-ext.properties, these are carried over when session is created at login and might do it for logout too, although I haven't tested that.

Community

Company

Feedback

Ask Questions and Find Answers

Important:

Ask is now read-only. You can review any existing questions and answers, but not add anything new.

But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:

discuss.liferay.com

liferay session not expired after timeout.