Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
6.7.1, 7.4.6
-
10
-
Severity 3 - Minor
-
1
-
Description
Summary
Confluence won't respect the session timeout in web.xml if the user has an editor open. Essentially, you can set the session timeout to 1 minute, and an inactive user viewing a page will be kicked out after one minute. However, if that user has the editor open for a page, that user's session seems to stay active as long as the editor is open. Happens with Collaborative editing off and on.
May be related to CONFSERVER-54142 (though the seraph-config.xml workaround does not fix this issue)
Steps to Reproduce
- Set session timeout to 1 minute in web.xml and restart Confluence (How to adjust the session timeout for Confluence)
- Log in and open the editor on a page and wait.
Expected Results
User is logged out after 1 minute.
Actual Results
The user is not logged out and remains logged in beyond 20 minutes longer. The same user is logged out after 1 minute if the editor is not open.