SecurityTokenRefreshInterval

The time interval before a SecurityInfo token expires, in which it can be refreshed. When a user sends a request with a SecurityInfo token that is close to expiration, HPE Community Component sends the refresh token, so that the user can continue with their session.

All query actions that accept the SecurityInfo parameter, return the refreshed token in the responsedata/autn:securityinfo element.

When you set SecurityTokenIdleTime, the SecurityInfo token expires after the specified SecurityTokenIdleTime only if the user does not use it. If the user sends a request within the configured SecurityTokenRefreshInterval of the token expiration time, HPE Community Component returns a refresh token. The user can continue using the new token for a further SecurityTokenIdleTime.

NOTE:

If you set SecurityTokenRefreshTime to zero, or to a value greater than or equal to the value of SecurityTokenLifetime, every action that you send generates a new refresh token.

Specify an interval in the following format:

NumberTimeUnit

where,

Number

is the number of time units to elapse.

TimeUnit

is the time unit to apply. The following units are available:

  • second
  • seconds
  • minute
  • minutes
  • hour
  • hours
  • day
  • days
  • week
  • weeks
  • month
  • months
  • year
NOTE:

If you do not specify a TimeUnit, HPE Community Component reads the specified number as seconds.

NOTE:

The times used in the SecurityInfo strings are in Universal Coordinate Time (UTC or GMT) rather than local time.

Type: Long
Default: 5minutes
Allowed Range: Minimum: 0
Maximum: 1year
Recommended Range: Minimum: 60seconds
Maximum: 1hour
Required: No
Configuration Section: Security
Example: SecurityTokenRefreshInterval=10minutes
See Also:

_HP_HTML5_bannerTitle.htm