SessionResourceFilter
As a rule, the maximum lifetime and the maximum inactive interval of a HttpSession are configured in the HttpSession configuration . However, if the maximum lifetime and/or maximum inactive interval have to be configured on a per-URL basis, this can be done in the SessionResourceFilter.
When used in combination with an IdentityCreationFilter, the mapping of the SessionResourceFilter must be configured before the mapping of the Identity-CreationFilter.
Classname
ch::nevis::isiweb4::filter::resource::SessionResourceFilter
Library
libResourceFilters.so.1
Configuration
| Name | Type, Usage Constraints, Defaults | Description |
|---|---|---|
| InactiveInterval | integer; optional, basic; default: none | Defines the maximum inactive interval of the HttpSession on a per-location basis. |
| InactivePolicy | enum: current, peak; required, advanced; default: current | The attribute 'InactivePolicy' is used to configure how 'InactiveInterval' is checked: current: 'InactiveInterval' is checked against the interval since the last access. peak: 'InactiveInterval' is checked against the peak inactive interval seen over the whole session. This also includes past inactive intervals measured by other SessionResourceFilters with the same StateKey. |
| MaxLifeTime | integer;; optional, basic; default: none | Defines the maximum lifetime of the HttpSession on a per-location basis. |
| ReauthInterval | integer; optional, basic; default: none | Defines the maximum inactive interval of the HttpSession before a reauthentication is triggered. |
| ReauthPolicy | enum: current, peak; required, advanced; default: current | The attribute 'ReauthPolicy' is used to configure how 'ReauthInterval' is checked: current: 'ReauthInterval' is checked against the interval since the last access. peak: 'ReauthInterval' is checked against the peak reauth interval seen over the whole session. This also includes past inactive intervals measured by other SessionResourceFilters with the same StateKey. |
| StateKey | string; optional, advanced; default: ch::nevis::isiweb4::filter::resource::SessionResourceFilter.<FilterName> | If the same value for the attribute StateKey is configured for two or more SessionResourceFilters, they share LastAccessTime and PeakInactiveInterval. As a result, several filters with different settings operate on the same data. |