Polygant / OpenCEX

OpenCEX free open-source cryptocurrency exchange engine. Industry standard.
https://polygant.net/opencex
Apache License 2.0

Security: Login does not expire/Timeout. #14

Closed Wageni closed 10 months ago

Wageni commented 1 year ago

OpenCEX login does not time out 24 hrs later after the user closed the browser tab. If a user does log in to OpenCEX, and thereafter closes the tab but does not close the browser, later opening a new tab in the same browser and accessing the OpenCEX instance gives access to the immediately previous logged-in session. It does not ask for or create a new login session. Session management as a function of security needs to be looked into.
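
The behaviour reported above, replayed against a server-side expiry check. This is an added example, not part of the original report and not OpenCEX code or its fix; `SessionStore`, the two timeout values, the user name and the timeline are assumptions constructed for illustration.

```python
import secrets
from dataclasses import dataclass

IDLE_TIMEOUT = 30 * 60         # assumed policy: expire after 30 min without a request
ABSOLUTE_LIFETIME = 12 * 3600  # assumed policy: force re-login 12 h after login

@dataclass
class Session:
    user: str
    created: float
    last_seen: float

class SessionStore:
    """Hypothetical in-memory store standing in for a framework session backend."""
    def __init__(self):
        self._sessions = {}

    def login(self, user, now):
        sid = secrets.token_urlsafe(32)  # unguessable session identifier
        self._sessions[sid] = Session(user, now, now)
        return sid

    def validate(self, sid, now):
        """Return (user, None) for a live session, else (None, reason)."""
        s = self._sessions.get(sid)
        if s is None:
            return None, "unknown"
        if now - s.created > ABSOLUTE_LIFETIME:
            reason = "absolute_lifetime"
        elif now - s.last_seen > IDLE_TIMEOUT:
            reason = "idle_timeout"
        else:
            s.last_seen = now  # sliding window: only real requests extend it
            return s.user, None
        del self._sessions[sid]  # destroy server-side so the old cookie cannot be reused
        return None, reason

def replay_report_scenario():
    """Constructed timeline: login, tab closed, new tab in the same browser 24 h later."""
    store = SessionStore()
    t0 = 1_700_000_000.0
    sid = store.login("alice", t0)
    active = store.validate(sid, t0 + 10 * 60)          # user still working in the tab
    returned = store.validate(sid, t0 + 24 * 3600)      # browser resends the same cookie
    replayed = store.validate(sid, t0 + 24 * 3600 + 1)  # same cookie presented again
    return active, returned, replayed
```

Because the check runs on the server, the outcome does not depend on whether the browser discards its cookie when the tab is closed.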

taffyatom commented 10 months ago

fixed