J
josh.s17
Hi,
Sorry this question is so websphere specific...
In my application I am using the standard form based authenication with
webpshere 5.1.1.4 but I have a problem in that users do not get logged
out when their session expires due to inactivity. They just get a new
session when there session expires. Currently users will only get
logged off when the LTPA token expires after 2 hours. I haven't been
able to figure out a way of distinguishing a user who's session has
expired from a user who's has just logged in otherwise I could do
something in the code at the point that sessions are created.
Question 3 and 4 on this page on the IBM website suggests to me that
there is no standard way to do this.
http://www-1.ibm.com/support/docvie...uid=swg21078845&loc=en_US&cs=utf-8&lang=en+en
It sounds like turning off single sign on might fix this problem but
that is not an option. I am also forced to configure websphere to
authenicate to LDAP so I cannot change the authentication mechanism to
Local OS as the article suggests.
Can anyone offer advice on how to get around this problem. It seems
like this would be a common problem that anyone using websphere would
encounter.
Any help would be much appreciated.
Sorry this question is so websphere specific...
In my application I am using the standard form based authenication with
webpshere 5.1.1.4 but I have a problem in that users do not get logged
out when their session expires due to inactivity. They just get a new
session when there session expires. Currently users will only get
logged off when the LTPA token expires after 2 hours. I haven't been
able to figure out a way of distinguishing a user who's session has
expired from a user who's has just logged in otherwise I could do
something in the code at the point that sessions are created.
Question 3 and 4 on this page on the IBM website suggests to me that
there is no standard way to do this.
http://www-1.ibm.com/support/docvie...uid=swg21078845&loc=en_US&cs=utf-8&lang=en+en
It sounds like turning off single sign on might fix this problem but
that is not an option. I am also forced to configure websphere to
authenicate to LDAP so I cannot change the authentication mechanism to
Local OS as the article suggests.
Can anyone offer advice on how to get around this problem. It seems
like this would be a common problem that anyone using websphere would
encounter.
Any help would be much appreciated.