SecureTrack as well as SecureChange are using a WebUI to interact with Administrators and Users. Here a timeout of about half an hour is configured by default, i.e. after 30 minutes of inactivity users are logged out automatically.
Not for every case this time is fine, e.g. for some customers this time might be too long due to security reasons. Other complain that this time is too short and they can't work with the tool. Both can be helped by changing the time for auto-logout within the configuration of SecureTrack and SecureChange. Parameters used for SecureChange are also valid for SecureApp.

 

Changing auto-logout time for SecureTrack WebUI

This change is done by changing the Apache configuration.
These steps will help to adjust the time between 600 and 86.400 seconds:

  • Backup the file /etc/httpd/conf/httpd.conf
  • Edit the file /etc/httpd/conf/httpd.conf and find this parameter: OIDCSessionInactivityTimeout
  • Replace the number following this parameter and select your own number of seconds here,
    e.g. if you want to have the timeout after 10 Minutes:
    OIDCSessionInactivityTimeout 60 (space between variable and number)
  • Save the file with the change
  • Restart the webserver using # service httpd restart
  • Restart the Tomcat Server using # service tomcat restart

 

Changing auto-logout time for SecureChange WebUI

This change is done by changing the TOS configuration.
These steps will help to adjust the time in minutes:

  • Backup the file /opt/tufin/securitysuite/conf/tufin_settings.properties
  • Edit the file /opt/tufin/securitysuite/conf/tufin_settings.properties and find the parameter SC_SESSION_TIMEOUT
  • Replace the number following this parameter and select your own number of minutes here,
    e.g. if you want to have the timeout after 10 Minutes:
    SC_SESSION_TIMEOUT=10 (equal sign between variable and number)
  • Save the file with the change
  • Restart the Tomcat Server using # service tomcat restart