Admin Console Session Timeout

**unilogic** · 05-05-2006, 06:27 PM

Is there a way to make the admin UI expire its session after a set amount of time like you can set with the user UI? This is probably would be a good security measure as it would force a logout of a admin session after a certain amount of inactivity.

Ben

**KevinH** · 05-05-2006, 06:35 PM

Good question. I think the Admin user can have a session timeout just like a normal user. If not it should. Might not be able to edit that in the admin UI but it should be settable from zmprov. Seems like something the admin UI should add if it's not there today.

**unilogic** · 05-05-2006, 06:46 PM

From my experience, i.e. leaving an admin UI open all night long, it doesn't time out. I'll test it more tonight.

**unilogic** · 05-05-2006, 10:09 PM

Well there is a zimbraAdminAuthTokenLifetime for each user and in the default CoS. This is a default 12 hours set which is a bit high if you ask me. There is no value for idle timeout like the client UI has, i.e. zimbraMailIdleSessionTimeout. So the admin UI doesn't seem to log itself out even with AuthTokenLifetime set short. Also I think in the Admin UI the time settings for Session Idle Timeout and AuthToken Lifetime should have a minutes option in the pull down next to it. One hour is quite a long time for idle logout.

Ben

**KevinH** · 05-08-2006, 09:47 AM

Those both seem like valid enhancements.

Zimbra

Thread: Admin Console Session Timeout

LinkBack

Thread Tools

Search Thread

Display

Admin Console Session Timeout

Thread Information

Users Browsing this Thread

Similar Threads

View Mails in Admin Console

zimbra suddently refused to get mail

Why cant i log in the Admin console?

Problem Accessing Web Admin Console

Services stopped working

Posting Permissions