OBPIH-6784 Set a more lenient session timeout#4918
Conversation
…ed server deploys
github-actions
bot
added
type: feature
|
I'd like to deploy this branch to an environment so that we can test that the setting is actually being applied. |
src/main/webapp/WEB-INF/web.xml
Outdated
| "server.session.timeout" (or "server.servlet.session.timeout" in SpringBoot 2+) is the matching | ||
| setting in application.yml. | ||
| --> | ||
| <session-timeout>120</session-timeout> |
There was a problem hiding this comment.
Is this configurable in any way when the app is deployed and hosted through tomcat?
There was a problem hiding this comment.
A good question. I'm not sure honestly
github-actions
bot
added
the
domain: backend
| int order = HIGHEST_PRECEDENCE | ||
|
|
||
| public InitializationInterceptor() { | ||
| InitializationInterceptor() { |
There was a problem hiding this comment.
I realized that we already had this class for building the user session so I switched to use it instead in an attempt to keep our code in one place.
I also cleaned up the code slightly by moving things into methods, adding comments, and accessing properties via @value instead. None of the logic is changed.
|
I've tested this on obdev5 and it looks like it's working! Non-logged in users (ie people who just go to the login page) will still use the 30min timeout (I did this by choice because we don't need a huge TTL for people who haven't even bothered logging in) but once you log in, it switches to 2h.
|
2 participants
✨ Description of Change
Link to GitHub issue or Jira ticket: https://pihemr.atlassian.net/browse/OBPIH-6784
Description:
only applies to embedded servers. the web.xml file works for external Tomcat deploys.now also applies to external deploys thanks to theCustomHttpSessionListenerInitializationInterceptor