OAM Session Timeout Configuration Woes

May 12, 2015


After a full day of work some people working late started losing their session and were unable to log back on.

This applies to OAM and later and the basic configuration was as follows:

Nothing out of the ordinary as you can see. The expected session lifetime is set to 12 hours (720 minutes) and idle timeout is set to 1 hour.

After a lot of digging, checking timeout values on the WebGate, HTTP server, load balancer and whatnot, it turned out that there is an undocumented setting in oam-config.xml called CredentialValidityInterval, which defaults to 480 minutes (8 hours). After 8 hours users hit this limit, lose their session, and cannot log back in for another 4 hours.

The solution is simple: edit the value of CredentialValidityInterval and increase it from 480 M to 720 M. Remember to update the Version element of oam-config.xml, or your changes will be ignored.


<Setting Name="SessionConfigurations" Type="htf:map">
	<!-- Change this from 480 M to 720 M -->
	<Setting Name="CredentialValidityInterval" Type="htf:timeInterval">720 M</Setting>
	<!-- other session settings left unchanged -->
</Setting>

This finding has been documented at Oracle Support:

Sessions Timing Out In OAM (Doc ID 1577300.1)
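
A check for the mismatch described above, as an added example that is not from the original post or from Oracle: it reads CredentialValidityInterval from an oam-config.xml fragment and compares it with the session lifetime set in the console. The sample XML is constructed, the function names are hypothetical, and only the M (minutes) unit shown on this page is accepted.

```python
import re
import xml.etree.ElementTree as ET

DEFAULT_MINUTES = 480  # default for CredentialValidityInterval as reported on this page

# Constructed sample modelled on the fragment above; a real oam-config.xml is much larger.
SAMPLE = """<Setting Name="SessionConfigurations" Type="htf:map">
  <Setting Name="CredentialValidityInterval" Type="htf:timeInterval">480 M</Setting>
</Setting>"""


def interval_minutes(text):
    """Parse a value such as '480 M'; anything but whole minutes is rejected."""
    match = re.fullmatch(r"\s*(\d+)\s*M\s*", text or "")
    if match is None:
        raise ValueError(f"unsupported time interval: {text!r}")
    return int(match.group(1))


def named_settings(parent, name):
    """Yield <Setting Name=name> elements under parent, ignoring XML namespaces."""
    for el in parent.iter():
        if el.tag.rsplit("}", 1)[-1] == "Setting" and el.get("Name") == name:
            yield el


def credential_validity(xml_text):
    """Return the effective CredentialValidityInterval in minutes."""
    root = ET.fromstring(xml_text)
    for session_cfg in named_settings(root, "SessionConfigurations"):
        for setting in named_settings(session_cfg, "CredentialValidityInterval"):
            return interval_minutes(setting.text)
    return DEFAULT_MINUTES  # element absent: the default applies


def audit(xml_text, session_lifetime_min):
    """Compare credential validity with the console's session lifetime (minutes).

    Returns (status, gap_minutes); the gap is the difference between the two
    values, which is the 4 hours described in this post.
    """
    validity = credential_validity(xml_text)
    if validity < session_lifetime_min:
        return ("MISMATCH", session_lifetime_min - validity)
    return ("OK", 0)


if __name__ == "__main__":
    print(audit(SAMPLE, 720))  # session lifetime of 720 minutes, as on this page
```

Pass the session lifetime in minutes exactly as it is configured in the console; a MISMATCH result means the credential validity needs raising before users reach the shorter limit.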

Did you know that you can also set session idle timeout at domain level?

Thomas is part of the middleware team at Sysco and has been a developer since 1995, working with HTML, JavaScript and Java ++ since the day they were born. He's been working with Oracle middleware and database products since 2006.
