Session inactivity timeouts

SSMC supports idle timeouts for web server sessions, web GUI screen sessions and SSH shell sessions. To meet the standards security requirement, it is required to set all such timeout values to a specific lower threshold.

Server session timeout

The SSMC web server maintains user sessions for the logged in users. The sessions remain active by default as long as there is activity (through REST requests under this session context). But when the REST requests cease for a user session and the server finds it to be inactive for more than the configured session timeout interval, then it invalidates and removes such sessions from memory. By default, the server session timeout is set to 15 minutes.

To configure the timeout value to 10 minutes for standards security compliance,

  1. Edit ssmc.properties property.

  2. Uncomment and set the value to 10: 

    server.session.timeout=10

  3. Save and exit.

Screen timeout

SSMC uses javascript based web pages that keep firing REST requests asynchronously to the server periodically even when not in use. This prevents any server session timeout for the user, when the web pages are kept open. Therefore SSMC uses a screen timeout setting for the web GUI and detects user activity on the client terminal such as mouse movements. When the browser session is detected as inactive for the set time (default is 30 mins), the client-side scripts fire a REST request that invalidates the server-side session and redirects the user to the login page.

To configure the timeout value to five minutes for standards security compliance:

  1. Log in to SSMC Administrator console as ssmcadmin.

  2. Navigate to Actions > Preferences > Application > Session timeout.

  3. Toggle switch to Yes and set the value to 5 minutes.

  4. Click OK.

SSH shell session timeout

SSMC appliance shell session has a default inactivity timeout value of 15 minutes. Configure this value to five minutes for security standards compliance.

To configure the value:

  1. Log in to SSMC shell as ssmcadmin

  2. Edit /ssmc/conf/security_config.properties

  3. Uncomment the property and set the value to 300. 

    ssmc.shell.session.inactivity.timeout=300

  4. Save the changes and exit.

To configure the SSH shell session timeout, execute the following command: 
sudo /ssmc/bin/config_security.sh –o shell_session_idle_timeout –a set -f
Restart SSMC service from TUI menu option 2 after logging out of all shell sessions, for the timeout changes to take effect.