Difference between revisions of "SessionTimeout"
(Allow users to find Session Timeout settings more easy.)
Latest revision as of 09:07, 14 February 2020
There are several solutions to managing your Session in Request Tracker
Tested only with 4.4.4, but probably also valid for older 4.x versions.
Option 1: AutoLogoff
AutoLogoff Setting in your config, i.e. to 60 Minutes:
According to the RT_Config docs, setting this value automatically logs off any user after 60 minutes of inactivity (i.e. 60 minutes after your last action).
Option 2: SetupSessionCookie
Alternative: Set $Expires next to $SessionCookie in /opt/rt/share/html/Elements/SetupSessionCookie
$SessionCookie => undef $Expires => '+8h'
This means any session inactive for more than 8h (i.e. no action done in 8h), will expired. This alone is not enough to ensure the session won't work anymore.
You need to setup a cronjob to clean up old sessions, because the session cookies in your browser won't have an expiry date and the sessions in the database will remain there, unless cleaned up by a cronjob.
/opt/rt/sbin/rt-clean-sessions --older 1H
Add --skip-user if you allow one user to possibly have multiple sessions at the same time, i.e. in different browsers or workstations. Add --debug to debug what is going an.