[Factory Configuration] How to change the session timeout in Factory Configuration

Forge Component
Published on 2018-12-21 by OutSystems R&D
17 votes
Published on 2018-12-21 by OutSystems R&D

How to change the session timeout in Factory Configuration

The session timeout is the period of time that a session can remain idle, without any end-user interaction, before the Platform Server ends the session automatically. OutSystems uses the session mechanisms to manage its sessions.

To change the session timeout in OutSystems on-premises environments you must add a custom configuration at the level of the IIS application server. Follow this link for more information.

To change the session timeout in OutSystems cloud-hosted environments follow these steps:

  1. In the Shared Configurations tab create a new Shared Configuration with the following details:

    Name SetSessionTime

    Kind: web.config_XSL


    <?xml version="1.0" encoding="UTF-8"?>
    <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
        <xsl:output method="xml" indent="yes" encoding="UTF-8"/>
        <xsl:template match="@*|node()">
                <xsl:apply-templates select="@*|node()"/>
        <xsl:template match="/configuration/system.web/sessionState">
                <xsl:attribute name="timeout">60</xsl:attribute>
                <xsl:apply-templates select="@*|node()"/>
  2. In the eSpaces tab select the eSpaces that will have the new timeout duration and associate the shared configuration with them.

  3. Republish the eSpaces to generate the updated web.config files with the new timeout value.

  4. Wait for the existing sessions to expire (with the old timeout value) or cleanup the browser cookies before testing it.

Note: it is necessary to apply this configuration in all modules, otherwise the session timeout will not deterministic between the multiple modules.

Great Help , I managed to change this in machine.config ..before reading this article.



Is this for .NET only, correct? Could you show me the value for J2EE?

Does the shared config need to be associated with all the modules of the application? Or, only on the module that contains the login action?