Hi Experts,
How can i set or update the iPlanetDirectoryPro cookie for a specific realm?
Thanks
Hi Experts,
How can i set or update the iPlanetDirectoryPro cookie for a specific realm?
Thanks
The session cookie in AM is not realm specific, the whole AM deployment uses one single session cookie.
ok thanks.What is the iPlanetDirectoryPro default timeout setup at, how can I update this?
thanks
Time session management can be configured here:
Realms > Realm Name > Services > Session > Dynamic Attributes
See documentation here:
https://backstage.forgerock.com/docs/am/7.2/security-guide/session-state-session-termination.html#session-max-timeout
You may want to check the Session section in the documentation for reference:
https://backstage.forgerock.com/docs/am/7.2/sessions-guide/preface.html
Thanks for the info Gary. Right now am using 6.5 could you pls share for 6.5 one link kindly?
Hi Gery,
I had realms specific Dynamic attributes and also had Global services->session> dynamic attributes idle time out which one has precedence?
Realm configuration takes precedence.
You have max time, max idle time, max caching time, and active user sessions (if enforced at global level).
Gery,
Confusing me with your below statement in quotes.I’ve defined at global services and at the realm , the max time out . Like at global I had 20 mins and realm 15 mins time out. which one will be considered?
You have max time, max idle time, max caching time, and active user sessions (if enforced at global level).
thanks
No problem.
The rule is local (i.e. realm level) takes precedence over global configuration. That means you may use the Global configuration as “default” value across all realms. So your realm has a max time out value of 15 minutes.
I am sorry if the statement was not clear. I think what was not really explained is only related to the active user sessions (and it is probably not even part of your question, but the distinction is important). This value sets the maximum number of sessions for one user. You have a global value, and a local value. However, this maximum number of session needs to be enforced. The property to enforce a maximum number of values is set globally only.
Therefore changing the maximum number of active sessions at a local level is only meaningful if the global enforcement is set. This has no impact on the other three parameters: max time, max idle time, and max caching time.
I hope it helps.