Use the Login Timeout node of the Configuration Manager to enable or disable the login timeout feature. When this feature is enabled, a WebSphere Commerce user that is inactive for an extended period of time is logged off the system and requested to log back on. If the user subsequently logs on successfully, WebSphere Commerce runs the original request that was made by the user. If the user logon fails, the original request is discarded and the user remains logged off the system.
Note that for WebSphere Commerce tools (such the Administration Console,WebSphere Commerce Accelerator, and so on), login timeout does not present a relogin page to the user. Instead, it closes the browser window and it is up to the user to log back on to the tool. Thus, in the case of tools, the original request that the user submits is not processed.
To enable this feature:
To use the login timeout security feature for a store, you need to define the LoginTimeoutErrorView and ReLogonFormView views for the store as described in Login timeout.
- Open the Configuration Manager.
- Traverse to the Login Timeout node for your instance as follows: WebSphere Commerce > host_name > Instance List > instance_name > Instance Properties> Login Timeout
- To activate the login timeout feature, click the Enable check box.
- Enter the login timeout value, in seconds, in the Value field.
- To apply your changes to Configuration Manager, click Apply.
- Upon successfully updating the configuration for your instance, you will receive a message indicating a successful update.
- From the WebSphere Application Server Administration Console, stop then restart the WebSphere Commerce Server instance.
Note that the login timeout value is stored in the instance.xml file in milliseconds, while the value in Configuration Manager is entered in seconds.