Hi Nicole, these are the notes I made for a previous endeavor of container based deployment, these might help you get this achieved, and they might (or might not) be sufficient in your CP4BA setup. Pls adjust the timings to your requirements.
The following file has been put into the component's PVCs icn-cfgstore cpe-cfgstore graphql-cfgstore cmis-cfgstore
z_sessionTimeout.xml
<!-- add to the Config Dropins
overrides directory for the POD. -->
<server>
<!-- This sets the JSESSIONID cookie secure and HttpOnly -->
<!-- Sets the session idle timeout to 120 minutes and LTPA to 240
minutes -->
<httpSession
cookieSecure="true"
invalidationTimeout="600m"
invalidateOnUnauthorizedSessionRequestException="true" />
<ltpa expiration="600m" />
</server>
For BAW, we'll add an entry to the CR file, the position for session config settings is baw_configuration.liberty_custom_xml (as subpath to the baw server node, like bawins1)
liberty_custom_xml: |+
<server>
<!-- custom propeties here -->
<httpSession
cookieSecure="true"
invalidationTimeout="600m"
invalidateOnUnauthorizedSessionRequestException="true" />
<ltpa expiration="600m" />
</server>
If AppEngine is used for your frontends, this might be necessary in the CR file.
application_engine_configuration.max_age.auth_cookie: "90000000"
csrf_cookie: "360000000"
I'd hope that IBM would create some formal documentation on this in future.
------------------------------
Mathias Korell
------------------------------
Original Message:
Sent: Mon July 10, 2023 04:43 PM
From: Nicole Baker
Subject: Idle Session Timeout options in CP4BA v21
We are deploying a Case Management solution on CP4BA v21. This solution will use Case, BAW and Filenet. Is it possible to customize the idle session timeout to a specific time? We will be using W3 SAML to authenticate and are currently following the default 13 hour idle session pattern.
Thanks
------------------------------
Nicole Baker
------------------------------