Java Development Tools

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Session Absolute Timeout

MarziehDec 10 2016 — edited Dec 10 2016

Hi all

I used jdeveloper12.2.1.

I want to set absolute session timeout for my adf application and I found below definition for it

Please guide me.

I appreciated in advance.

All sessions should implement an absolute timeout, regardless of session activity. This timeout defines the maximum amount of time a session can be active, closing and invalidating the session upon the defined absolute period since the given session was initially created by the web application. After invalidating the session, the user is forced to (re)authenticate again in the web application and establish a new session.

The absolute session limits the amount of time an attacker can use a hijacked session and impersonate the victim user.

Locked Post

New comments cannot be posted to this locked post.

Locked on Jan 7 2017

Added on Dec 10 2016

#application-development-in-java, #jdeveloper-and-adf

4 comments

567 views