b842792a16
This timeout will prevent an attacker from using a session that has been inactive for too long. This inactivity timeout combined with the timeout before expiration makes a good combination of security mechanisms to prevent session theft. If no activity timeout is provided, then the feature is disabled and only session expiration remains as a protection. |
||
|---|---|---|
| .. | ||
| step_definitions | ||
| support | ||
| access-control.feature | ||
| auth-portal-redirection.feature | ||
| authentication.feature | ||
| basic-auth.feature | ||
| forward-headers.feature | ||
| redirection.feature | ||
| regulation.feature | ||
| reset-password.feature | ||
| resilience.feature | ||
| restrictions.feature | ||
| session-timeout.feature | ||