SecurityTokenLifetime

The time after which the SecurityInfo token that HPE Community Component passes as part of a secure query expire.

By default, HPE Community Component uses this value as the lifetime of the SecurityInfo token, and you must request a new token after it expires. In this case, SecurityTokenLifetime has a default value of 30 minutes.

Alternatively, you can set SecurityTokenIdleTime to enable token refresh. In this case, the token expires after the specified SecurityTokenIdleTime only if the user does not use it. If the user sends requests within the configured SecurityTokenRefreshInterval of the token expiration time, HPE Community Component returns a refresh token. The user can continue using the new token for a further SecurityTokenIdleTime.

When you set SecurityTokenIdleTime, SecurityTokenLifetime specifies the total lifetime of the original and all subsequent refresh tokens (that is, a user cannot refresh a token after the specified SecurityTokenLifetime). In this case, the default value of SecurityTokenLifetime increases to 12 hours.

Specify an interval in the following format:

NumberTimeUnit

where,

Number

is the number of time units to elapse.

TimeUnit

is the time unit to apply. The following units are available:

  • second
  • seconds
  • minute
  • minutes
  • hour
  • hours
  • day
  • days
  • week
  • weeks
  • month
  • months
  • year
NOTE:

If you do not specify a TimeUnit, HPE Community Component reads the specified number as seconds.

NOTE:

The times used in the SecurityInfo strings are in Universal Coordinate Time (UTC or GMT) rather than local time.

Type: Long
Default: 30minutes if SecurityTokenIdleTime is not set.
12hours if SecurityTokenIdleTime is set.
Allowed Range: Minimum: 0
Maximum: 1year
Recommended Range: Minimum: 60seconds
Maximum: 1year
Required: No
Configuration Section: Security
Example: SecurityTokenLifetime=10hours
See Also:

_HP_HTML5_bannerTitle.htm