cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
This question about Configuration: Answered

Auto Logout after a short period of inactivity

I recently installed TWiki 4.3.1 and have started to configure it as the basis for a corporate wiki. I find that if I do NOT logout then the next time I open TWiki I find I am still logged in. From a security point of view this is not reasonable because if I was working with a restricted Web or Topic then anyone with access to my computer while I am away for a short time can use my login to TWiki. What is needed is a means to logout users after a short period of time - the time period to be set by the administrator. I am syrprised that such a feature does not exist - perhaps it does and I have not been able to find it in the documentation.

  • First, upgrade to Foswiki wink (though the following should work with TWiki as well)
  • In configure, select "Yes, I've read all the documentation" (because you have, haven't you?)
  • Open the "Security setup" twisty, and locate "Sessions".
  • The options you want are {Sessions}{ExpireAfter} and {Sessions}{ExpireCookiesAfter}
-- CrawfordCurrie - 06 Jun 2009


Thanks for the prompt and helpful reply. With a product that has such extensive documentation someone with just a weeks experience is reluctant to press a button that says "Yes, I've read all the documentation" So I missed out on the session variables.

-- MikePengelly - 07 Jun 2009

QuestionForm edit

Subject Configuration
Extension
Version TWikiRelease04x03x00
Status Answered
Topic revision: r3 - 07 Jun 2009, MikePengelly - This page was cached on 18 Aug 2018 - 12:57.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy