Adobe Experience Manager Sites & More

vishwanath881 · 3/3/16

Hello All,

We would like to change the session timeout of AEM. Where can we change the default value ?

Lokesh_Shivalingaiah · 3/3/16

Goto /system/console/configMgr and seach for 'Apache Felix Jetty Based Http Service'. You can configure the session timeout property in service.

Lokesh_Shivalingaiah · 3/3/16

for token expiration, you can goto

/system/console/configMgr and update Apache jackrabbit oak TokenConfiguration

smacdonald2008 · 3/3/16

Sham referenced this article in the other thread where you asked this question:

http://www.aemstuff.com/#article964

vishwanath881 · 3/10/16

Hello Sham,

After we changed the value of Token Expiration in Apache Jackrabbit token configuration from default 12 hours to 24 hours.

Our instance is not working, We are getting the following errors.

HTTP ERROR: 500

Problem accessing /crx/de/index.jsp. Reason:

Server Error

This has happened to multiple servers. We have opened an official daycare request for this.

Adobe team has got back and said that the issue started when we modified the Token Expiration value and after that none of the users are able to login.

We reverted back the value. Tried to restart the instance but nothing helped. Finally we restored the instance from backups, but we would like to know how this happened and is there any solution for this ?

We are using AEM 6.0 with SP1 and SP2. During this time, only the /system/console and crx explorer were accessible and nothing else was.

The following is the stack trace of error that adobe is pointing as the root cause.

*WARN* [qtp1074684600-37] org.eclipse.jetty.servlet.ServletHandler /login.html

java.lang.IllegalArgumentException: Invalid token ''
at org.apache.jackrabbit.api.security.authentication.token.TokenCredentials.<init>(TokenCredentials.java:42)
at com.day.crx.security.token.impl.TokenAuthenticationHandler.createCredentials(TokenAuthenticationHandler.java:578)
at com.day.crx.security.token.impl.TokenAuthenticationHandler.extractCredentials(TokenAuthenticationHandler.java:352)
at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:75)
at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)
at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:697)
at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:452)
at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:438)
at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:121)
at org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:335)
at org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:337)
at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:300)
at org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:93)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:50)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.sling.i18n.impl.I18NFilter.doFilter(I18NFilter.java:128)
at org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:108)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:80)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:46)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:89)
at org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:108)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:80)
at org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:46)
at org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:31)
at org.apache.felix.http.sslfilter.internal.SslFilter.doFilter(SslFilter.java:55)
at org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:108)
at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:80
)

I do not understand why just by changing the default value of token expiration should break the whole instance ?

Could you please kindly look into this and let us know, Further, we are still trying to figure out how to increase the session time out value.

http://localhost:4502/system/sling/cqform/defaultlogin.html?resource=%2F&$$login$$=%24%24login%24%24...

Thanks,

Vish

Tushar_U_Vats · 12/21/17

Hi @vishwanath881,

By any chance you got the fix for this situation, facing a similar issue.

Thanks.

Tushar

kautuk_sahni · 3/7/16

1. Go to /system/console/configMgr web app and login as admin

2. Find the "Day CRX Token Authenticator" and click it to edit the configuration

3. In the "Required Attributes" dropdown, select "None" - Save

In crx-quickstart/repository.xml, change the tokenExpiration to desire time (NOTE: By default, it is 12 hours. Time is specify in milliseconds).

...

<param name="tokenExpiration" value="9999999999999"/> ...

</LoginModule>

If using LDAP, you can do the following to the ldap configuration file com.day.crx {

com.day.crx.core.CRXLoginModule sufficient

tokenExpiration="9999999999999";

com.day.crx.security.ldap.LDAPLoginModule required

principal_provider.class="com.day.crx.security.ldap.principals.LDAPPrincipalProvider"

principal_provider.name="ldap"

...

tokenExpiration="9999999999999";

};

I hope this works.

Thanks and Regards

Kautuk Sahni

Jitendra_S_Toma · 3/8/16

I guess, you want to change AEM Http session timeout value. @Lokesh has pointed out correctly. You can change it from 'Apache Felix Jetty Based Http Service'.

---Jitendra

manideep28 · 1/15/18

Hi @vishwanath881,

Any fix done to this issue, please share ASAP. Facing similar issue.

Thanks.

Venkat

RaúlArranz · 6/14/18

I have the same issue, no solution over this 2 years?

Sady_Rifat · 10/5/20

In the browser cookie section, there is a cookie called “login-token”. After removing this cookie it should be alright.

sateeshreddy · 4/26/23

Hey, Is this for AEM instance log out ?

Adobe Experience Manager Sites & More

Change AEM Default Session timeout value

HTTP ERROR: 500

Kautuk Sahni

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe