OAM Session Timeout Configuration Woes

May 12, 2015

Reading time ~1 minute

After a full day of work some people working late started losing their session and were unable to log back on.

This applies to OAM and later and the basic configuration was as follows:

Nothing out of the ordinary as you can see. The expected session lifetime is set to 12 hours (720 minutes) and idle timeout is set to 1 hour.

After a lot of digging, checking timeout values on the webgate, http server, load balancer and whatnot, it turned out that there is an undocumented setting in oam-config.xml called CredentialValidityInterval which defaults to 480 minutes (8 hours). After 8 hours users will hit this setting and lose session and the ability to log back in for another 4 hours.

The solution is simple, just edit the value of CredentialValidityInterval and increase it from 480 M to 720 M . Please remember to update the Version element of oam-config.xml or your changes will be ignored.


<Setting Name="SessionConfigurations" Type="htf:map">
	<!-- Change this from 480 M to 720 M --> 
	<Setting Name="CredentialValidityInterval" Type="htf:timeInterval">720 M</Setting>

This finding has been documented at Oracle Support:

Sessions Timing Out In OAM (Doc ID 1577300.1)

 </span> Did you know that you can also set session idle timeout at domain level?

Thomas is part of the middleware team at Sysco and has been a developer since 1995 working with HTML,Javascript and Java ++ since the day they were born. He's been working with Oracle middleware and database products since 2006.

Automatic tests for webservice with RestAssured, WireMock and Testcontainers libraries.

# IntroductionIn this post, we will take a look at 3 libraries/tools for testing end points of web-services. ## Content: 1. Application...… Continue reading

Customized OSB Training

Published on December 11, 2017

OUGN Integration SIG - DevOps

Published on December 10, 2017