Configuration Manager - Commerce - Login Timeout

To use the login timeout security feature for a store, you need to define the LoginTimeoutErrorView and ReLogonFormView views for the store.

Note: Define the LoginTimeoutErrorView and ReLogonFormView views as described in Views for Login timeout.

The Login Timeout node of the Configuration Manager enables or disables the login timeout feature for cookie-based sessions. When this feature is enabled, a WebSphere Commerce user that is inactive for an extended period is logged off the system and requested to log back on. If the user then logs on successfully, WebSphere Commerce runs the original request that was made by the user. If the user logon fails, the original request is discarded and the user remains logged off the system.

For WebSphere Commerce tools (such the Administration Console and WebSphere Commerce Accelerator), the login timeout feature does not present a relogin page to the user. Instead, it closes the browser window and it is up to the user to log back on to the tool. Thus, in the case of tools, the original request that the user submits is not processed.

Enable: Activates the login timeout feature when selected. This feature is enabled by default. To deactivate the feature, clear the check box.
Value: The login timeout value, in seconds. The default timeout value is 1800 seconds.

To apply your changes to Configuration Manager, click Apply. A message indicates that you successfully updated the configuration for your instance. From the WebSphere Application Server Administration Console, stop and restart the WebSphere Commerce Server instance.

Note: The login timeout value is stored in the WebSphere Commerce configuration file in milliseconds, while the value in Configuration Manager is entered in seconds.

For more information, see the Authentication policies topic.