Change AEM Default Session timeout value

Forum|Forum|9 years ago
March 3, 2016
8 replies
25875 views

Hello All,

We would like to change the session timeout of AEM. Where can we change the default value ?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Goto /system/console/configMgr and seach for 'Apache Felix Jetty Based Http Service'. You can configure the session timeout property in service.

Lokesh_Shivalingaiah

for token expiration, you can goto

/system/console/configMgr and update Apache jackrabbit oak TokenConfiguration

smacdonald2008

Sham referenced this article in the other thread where you asked this question:

http://www.aemstuff.com/#article964

V

vishwanath881Author

Hello Sham,

After we changed the value of Token Expiration in Apache Jackrabbit token configuration from default 12 hours to 24 hours.

Our instance is not working, We are getting the following errors.

HTTP ERROR: 500

Problem accessing /crx/de/index.jsp. Reason:

Server Error

This has happened to multiple servers. We have opened an official daycare request for this.

Adobe team has got back and said that the issue started when we modified the Token Expiration value and after that none of the users are able to login.

We reverted back the value. Tried to restart the instance but nothing helped. Finally we restored the instance from backups, but we would like to know how this happened and is there any solution for this ?

We are using AEM 6.0 with SP1 and SP2. During this time, only the /system/console and crx explorer were accessible and nothing else was.

The following is the stack trace of error that adobe is pointing as the root cause.

*WARN* [qtp1074684600-37] org.eclipse.jetty.servlet.ServletHandler /login.html

java.lang.IllegalArgumentException: Invalid token ''
at org.apache.jackrabbit.api.security.authentication.token.TokenCredentials.<init>(TokenCredentials.java:42)
at com.day.crx.security.token.impl.TokenAuthenticationHandler.createCredentials(TokenAuthenticationHandler.java:578)
at com.day.crx.security.token.impl.TokenAuthenticationHandler.extractCredentials(TokenAuthenticationHandler.java:352)
at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:75)
at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)
at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:697)
at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:452)
at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:438)
at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:121)
at org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:335)
at org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:337)
at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:300)
at org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:93)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:50)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:128)
at org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:108)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:80)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:46)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:89)
at org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:108)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:80)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:46)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:55)
at org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:108)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:80
)

I do not understand why just by changing the default value of token expiration should break the whole instance ?

Could you please kindly look into this and let us know, Further, we are still trying to figure out how to increase the session time out value.

http://localhost:4502/system/sling/cqform/defaultlogin.html?resource=%2F&$$login$$=%24%24login%24%24&j_reason=session_timed_out

Thanks,

Vish

T

Tushar_U_Vats

Hi @vishwanath881,

By any chance you got the fix for this situation, facing a similar issue.

Thanks.

Tushar

kautuk_sahni

Community Manager

1. Go to /system/console/configMgr web app and login as admin

2. Find the "Day CRX Token Authenticator" and click it to edit the configuration

3. In the "Required Attributes" dropdown, select "None" - Save

In crx-quickstart/repository.xml, change the tokenExpiration to desire time (NOTE: By default, it is 12 hours. Time is specify in milliseconds).

...

<param name="tokenExpiration" value="9999999999999"/> ...

</LoginModule>

If using LDAP, you can do the following to the ldap configuration file com.day.crx {

com.day.crx.core.CRXLoginModule sufficient

tokenExpiration="9999999999999";

com.day.crx.security.ldap.LDAPLoginModule required

principal_provider.class="com.day.crx.security.ldap.principals.LDAPPrincipalProvider"

principal_provider.name="ldap"

...

tokenExpiration="9999999999999";

};

I hope this works.

Thanks and Regards

Kautuk Sahni

Jitendra_S_Toma

I guess, you want to change AEM Http session timeout value. @Lokesh has pointed out correctly. You can change it from 'Apache Felix Jetty Based Http Service'.

---Jitendra