How to set Session timeout in Hybris
Session is one of the most important objects for any web application.
In Hybris application also, we have HttpSession but in addition to that it uses Jalo session enclosed within HttpSession.
Please check Jalo session Article for more details on Jalo session
Its very important to set session timeout for any web application so that application will be secure when user will be inactive for long time.
How session timeout is done in Hybris ?
Hybris has set the session timeout in the properties file
Below key value pair is kept in project.properties file of platform extension
- default.session.timeout=3600
default.session.timeout=3600
It means if user is inactive for 3600 seconds, session will be timed out
How to override this timeout ?
We can override this property in local.properties file as below
- default.session.timeout=1000
default.session.timeout=1000
This will make session timeout after 1000 seconds.
Note :
default.session.timeout value is used for all the applications of Hybris like storefront,HMC,HAC,cockpit. If we set this property then Hybris will automatically do session invalidation after specified seconds. We can also override this timeout value to specific application like for storefront we can give different timeout,for hmc we can give different timeout etc.
how to give different timeout of hac and hmc
Thank you for this article,
Do you mean milliseconds ? 3600 ms => 1 hour
3600 seconds ==> 1 hour