Show Table of Contents
12.8. Configuring Session Timeouts
When a user connects to Red Hat Certificate System using the web interface or the PKI console, the server creates a session for the user. This session will automatically expire if there is no activity after a certain amount of time.
This section describes how to configure the timeout when a session expires.
12.8.1. Configuring the Session Timeout Value of the Web Interface
To customize the session timeout value:
- Verify that the instance-specific
/var/lib/pki/instance_name/webapps/subsystem/web.xmlfile exists. For example:# ls /var/lib/pki/instance_name/webapps/web.xml
If the file is not found:- Copy the
web.xmlfile from the shared web application directory to the instance-specific directory:# cp -r /usr/share/pki/subsystem/webapps/subsystem/ \ /var/lib/pki/instance_name/webapps/ - Set the permissions on the
/var/lib/pki/instance_name/webapps/subsystem/folder:# chown -R pkiuser:pkiuser /var/lib/pki/instance_name/webapps/subsystem/
- Set the
session-timeoutparameter in the/var/lib/pki/instance_name/webapps/subsystem/web.xmlfile to the timeout value in minutes. For example:<web-app> ... <session-config> <session-timeout>30</session-timeout> </session-config> ... </web-app> - In the
/etc/pki/instance_name/Catalina/localhost/subsystem.xml, set thedocBasein the<Context>tag to the path of the customized web application folder:<Context docBase="/var/lib/pki/instance_name/webapps/subsystem/" crossContext="true" allowLinking="true"> ... </Context>
12.8.2. Configuring the Session Timeout Value of the PKI Console
To configure when sessions of the PKI Console expire:
- Set the
keepAliveTimeoutparameter in theSecureconnectorelement in the/etc/pki/instance_name/server.xmlfile to a value in milliseconds. For example, to set it to 5 minutes:... <Server> <Service> <Connector name="Secure" ... keepAliveTimeout="300000" ... /> </Service> </Server> ... - Restart the instance:
systemctl restart pki-tomcatd@instance_name.service
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.