Application session timeout interaction

Access Gateway supports three specific session settings:

  • Browser Session Expiration - Session is set to expire with the browser's session.
  • Idle Session Duration - Destroys session if user is idle for this duration.
  • Maximum Session Duration - Destroy session if this duration is exceeded.

The following table describes the expected session behavior for each combination of settings.

Browser Session Expiration Idle Session Duration Maximum Session Duration

Behavior on
idle session timeout

Behavior after max session exceeded.

Reopen browser

     

Not supported. You must choose at least one behavior.

   

N/A1

Re-authenticate

Continue session if max session duration not exceeded


 

Re-authenticate

N/A2

Continue session if idle session duration not exceeded

 

Re-authenticate

Re-authentication

Continue session if max session duration not exceeded

 

 

N/A1

N/A2

Re-authentication

 

N/A1

Re-authentication

Re-authentication

 

Re-authenticate

N/A2

Re-authenticate

Re-authenticate

Re-authenticate

Re-authenticate

1 - Ignored, no action taken as idle session duration disabled.
2 - Ignored, no action taken as maximum session duration disabled.