Login Timeouts

6 posts by 2 authors in: Forums > CMS Builder
Last Post: October 2, 2015   (RSS)

Hi,

How can i change the way of the "Automatically expire login sessions" so logged in users through websiteMembership add-on do not expire or have an idle time and expire only after that?

The CMS login expiration has many reason to exist but in the application (driven by cmsBuilder and websiteMembership ) it is really frustrating to auto-logoff and expire users's session.

Any ideas are appreciated,
Karls

Hey Karls, 

The automatic logout time is set to 30 minutes by default, but you can increase it as much as you want. If you log into the CMS, then go to General Settings, under Security Settings you'll see a field called Automatically expire sessions after (I've also attached an example screenshot). You can increase this to as much as you need.

Thanks!

Greg

Greg Thomas







PHP Programmer - interactivetools.com
Attachments:

CMS Builder.png 69K

By ht1080z - September 30, 2015 - edited: September 30, 2015

Hi Greg,

and thank you for your reply.

My question is pointed out the weakness of this option exactly.

I need to keep low this timeout value for security reason but this break user's experience outside of the cms (in a web application) with the continuous session expiration.

I searching for a method or a custom solution that separates the CMS from the websiteMembership driven web-app timeouts.

PS: if there is no way to make this option separated and if i keep the CMS management very strict (required logoff) may can increase the value to hours so i can live with it.

Regards,
Karls

Hey Karls, 

I've had a look through the codebase and there isn't an easy way to separate the two cookie expiry times at the moment. But I've made a note of this feature request for future releases of the plugin.

Thanks,

Greg

Greg Thomas







PHP Programmer - interactivetools.com

By ht1080z - October 2, 2015 - edited: October 2, 2015

Hi Greg,

Is there no way to add to cmsBuilder and websiteMembership to expire logon session after the browser closed?

Regards,
Karls