Logout AEM Author users based on inactivity | Community
B_Sravan
Community Advisor
May 29, 2025
Solved

Logout AEM Author users based on inactivity

  • May 29, 2025
  • 3 replies
  • 583 views

I’ve configured the Apache Jackrabbit Oak TokenConfiguration in AEM 6.5 to set token expiry, and it works as expected.

 

However, it doesn’t consider user inactivity — the session expires only after the configured time, regardless of whether the user is active or idle.

 

I’m thinking of adding a client-side JavaScript to detect inactivity and force logout, ideally by loading it globally in the author environment.

 

Is there any official or supported clientlib category that loads globally at the instance level (i.e., across all authoring UIs like Sites, Assets, etc.)?

 

Thanks in advance!

-Sravan


3 replies

giuseppebaglio
Level 10
May 29, 2025

Hi @b_sravan, OOTB you can leverage the Apache Jackrabbit Oak TokenConfiguration, and it has a Token Refresh option as shown below:

 

You can find more details in this interesting article.

 

Alternatively, you could implement a custom client library, even if it feels a bit like overengineering something already available.

  1. Create a clientlib with the cq.shared category. For broader coverage (including non-Sites consoles like Assets or Users), add these categories: cq.authoring.page, cq.authoring.console
  2. Add the inactivity detection JavaScript file, for example /apps/<project>/clientlibs/authoring-inactivity/js/inactivity.js

     (function ($) {
         "use strict";

         var idleTimeout = 1800 * 1000; // 30 minutes
         var idleTimer;

         // Restart the countdown on every user interaction
         function resetTimer() {
             clearTimeout(idleTimer);
             idleTimer = setTimeout(logout, idleTimeout);
         }

         // Call the Sling logout endpoint, then send the browser to the root path
         function logout() {
             $.ajax({
                 url: Granite.HTTP.externalize("/system/sling/logout?resource=/"),
                 method: "GET",
                 success: function () {
                     window.location.href = "/";
                 }
             });
         }

         $(document).on("mousemove keydown scroll", resetTimer);
         resetTimer();
     })(window.jQuery);

AmitVishwakarma
Community Advisor
May 29, 2025

Hi @b_sravan ,

Try the solution below:

1. Create a clientlib with the right categories

2. Write a secure inactivity tracking script

3. Force logout via /system/sling/logout

4. Ensure it works across all author consoles

 

1. Create a Clientlib: /apps/<your-project>/clientlibs/inactivity

Structure:

/apps/<your-project>/clientlibs/inactivity
├── js/
│   └── inactivity.js
├── css.txt (optional)
├── js.txt
└── .content.xml

2. js.txt

js/inactivity.js

3. .content.xml

<?xml version="1.0" encoding="UTF-8"?>
<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0"
    jcr:primaryType="cq:ClientLibraryFolder"
    categories="[cq.authoring.page,cq.authoring.console]"
    dependencies="[granite.jquery]"
    embed=""/>

cq.authoring.page – Loads in authoring pages (Sites)

cq.authoring.console – Loads in all AEM consoles like Assets, Users, Tools

granite.jquery – Ensures jQuery is available

 

4. inactivity.js

(function ($, window, document) {
    "use strict";

    // Configuration
    var idleLimit = 30 * 60 * 1000; // 30 minutes
    var logoutUrl = Granite.HTTP.externalize("/system/sling/logout?resource=/");
    var idleTimer = null;

    function resetTimer() {
        if (idleTimer) clearTimeout(idleTimer);
        idleTimer = setTimeout(triggerLogout, idleLimit);
    }

    function triggerLogout() {
        console.info("User inactive for 30 minutes. Logging out.");
        $.ajax({
            type: "GET",
            url: logoutUrl,
            success: function () {
                window.location.href = "/";
            },
            error: function () {
                console.error("Failed to logout due to AJAX error.");
            }
        });
    }

    function startIdleDetection() {
        // Listen to events
        $(document).on("mousemove keydown scroll click", resetTimer);
        resetTimer();
    }

    $(document).ready(function () {
        startIdleDetection();
    });
})(jQuery, window, document);

 

 

5. Deploy & Test

Build the clientlib using AEM Developer Console or CRXDE Lite

Check browser network tab: Confirm inactivity.js is loaded on:

/sites.html

/assets.html

/useradmin

Wait 30 mins or reduce idleLimit to test quickly

Ensure auto-logout and redirect work

Regards,
Amit
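
The two inactivity scripts above keep one timer per browser tab, so a tab left idle logs the user out even while they are working in another tab. The following added example (not part of any reply in this thread) shares the last-activity time between tabs through localStorage; IdleTracker, MemoryStorage and the storage key are assumed names, and the logout path is the one used in the replies.

```javascript
"use strict";
// Added example; IdleTracker, MemoryStorage and STORAGE_KEY are hypothetical names.
const STORAGE_KEY = "author.lastActivity"; // assumed localStorage key
const WRITE_THROTTLE_MS = 1000;            // at most one storage write per second
class IdleTracker {
  constructor(storage, idleLimitMs, now = Date.now) {
    Object.assign(this, { storage, idleLimitMs, now });
  }
  // Last activity recorded by ANY tab; null if missing, garbled or in the future.
  lastActivity() {
    const raw = this.storage.getItem(STORAGE_KEY);
    const n = raw === null ? NaN : Number(raw);
    return Number.isFinite(n) && n <= this.now() ? n : null;
  }
  // Call on user input; throttled because mousemove fires constantly.
  touch() {
    const t = this.now(), last = this.lastActivity();
    if (last === null || t - last >= WRITE_THROTTLE_MS) {
      this.storage.setItem(STORAGE_KEY, String(t));
    }
  }
  // An unusable timestamp counts as expired (fail closed).
  remainingMs() {
    const last = this.lastActivity();
    return last === null ? 0 : Math.max(0, this.idleLimitMs - (this.now() - last));
  }
  isExpired() { return this.remainingMs() === 0; }
}

// Constructed stand-in for window.localStorage so the logic also runs outside a browser.
class MemoryStorage {
  constructor() { this.items = new Map(); }
  getItem(key) { return this.items.has(key) ? this.items.get(key) : null; }
  setItem(key, value) { this.items.set(key, String(value)); }
}

// Browser wiring: every tab polls the shared timestamp instead of keeping its own timer.
if (typeof window !== "undefined" && typeof document !== "undefined") {
  const tracker = new IdleTracker(window.localStorage, 30 * 60 * 1000);
  tracker.touch();
  ["mousemove", "keydown", "scroll", "click"].forEach(function (name) {
    document.addEventListener(name, function () { tracker.touch(); }, { passive: true });
  });
  setInterval(function () {
    if (tracker.isExpired()) {
      window.location.href = Granite.HTTP.externalize("/system/sling/logout?resource=/");
    }
  }, 15 * 1000);
}
```

A script like this only improves the author experience; the Oak token expiry configured on the server remains the control that actually ends the session, since client-side JavaScript can be blocked or altered.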

 

B_Sravan
Community Advisor
Author
Accepted solution
June 4, 2025

@giuseppebaglio and @amitvishwakarma 

Thank you for your replies. I tried those already; somehow the TokenConfiguration "Refresh Token" didn't work at the first instance.
Upon rebuilding and restarting the instance, I see no issue now - it is working as expected.

Solution: Enable the "Refresh Token" and restart the instance (not necessarily, but in case you don't see an immediate effect).
Thank you,

@b_sravan