knstvk
commented
4 months ago Mention also jmix.core.session.maximum-sessions-per-user property, as well as sessions in REST.
Open fractal3000 opened 4 months ago
knstvk
commented
4 months ago Mention also jmix.core.session.maximum-sessions-per-user property, as well as sessions in REST.
In previous versions of jmix there was a property to limit user session live time. It was jmix.ui.http-session-expiration-timeout-sec property. Currently this property is not used and user should use one Spring Boot property(server.servlet.session.timeout) and two Vaadin properties(vaadin.servlet.close-idle-sessions and vaadin.servlet.heartbeat-interval). And the behaviour of user session expiring is described in Vaadin documentation https://vaadin.com/docs/latest/flow/advanced/application-lifecycle#application.lifecycle.session-expiration. Seems that it is not obvious way to search such information in Spring and Vaadin documentaion. Suggestion is to describe principes of managing user session parameters in our documentations.
Examples of topics on forum that shows this problem are https://forum.jmix.io/t/inactivity-timeout-log-user-out-after-x-minutes-jmix-2-3-1/5258/2 and https://forum.jmix.io/t/close-user-sessions/5261.