Users being logged out after a short period of inactivity


Some users have complained that they are being logged out of Zanata after a very short ammount of inactivity.

Increasing the session timeout period would solve this problem.


Carlos Munoz
August 25, 2015, 11:16 PM

Per components.xml we have:

but I didn't find any evidence this was being used. If it isn't, then the default session timeout for Jboss is 30 mins.

Sean Flanigan
August 26, 2015, 12:27 AM

Another option might be for us to call HttpSession.setMaxInactiveInterval programmatically, perhaps using the authenticatedSessionTimeoutMinutes value from ApplicationConfiguration. Similar to this: That example Seam project seems to be set up in a very similar way, with authenticatedSessionTimeoutMinutes configured by components.xml. But in Zanata, it seems like we missed the bit of code which uses the configured timeout value.

However, note that increasing the timeout too much could increase our memory requirements drastically, especially if we put a lot of data into the session. (I suspect that includes Seam's session and conversation contexts.)

The good news is that increasing the timeout for authenticated sessions is not as bad as increasing the timeout for all sessions.

Luke Brooker
September 1, 2015, 11:44 PM

I think we should just add cookies and be done with it.

Carlos Munoz
September 1, 2015, 11:51 PM

Do you mean persistent cookies? I believe session cookies are already in use as part of the normal Session mechanism.

This still doesn't solve the problem that Sean talks about, which is that we need to differentiate between non-authenticated and authenticated sessions.

Carlos Munoz
October 6, 2015, 6:30 AM

I marked this as verified for workflow purposes.


Carlos Munoz


Carlos Munoz


Tested Version/s




Fix versions