Limit UI active session life span

  • Release version: Australia
  • Updated March 15, 2026
  • 1 minute to read

    • The glide.ui.active.session.life_span property enforces max lifespan on active authenticated HTTP sessions irrespective of inactive timeout.

    The glide.ui.active.session.life_span system property enforces a maximum lifespan on active HTTP sessions irrespective of inactive timeout. The configured value is in minutes and the value of 0 will disable timing out the active sessions. This particular property is limited to UI session timeout.

    Set the glide.ui.active.session.life_span to a value between 1 and 720. This value represents the time in minutes that HTTP sessions can remain active.

    Note:
    The glide.ui.active.session.life_span is limited to UI session timeout.

    More information

    Attribute Description
    Configuration name glide.ui.active.session.life_span
    Configuration type System Properties (/sys_properties_list.do)
    Data type integer
    Recommended value 1-720
    Default value <none>
    Fallback value 0
    Category Session management
    Security risk
    • Severity score: 4.2
    • CVSS score: Medium
    • Security risk details: A larger maximum lifespan could allow an attacker to remain in a stolen session longer, increasing the possibility of a security incident.
    Dependencies and prerequisites None
    Functional impact Enforces max life-span on active authenticated HTTP sessions irrespective of inactive timeout. The configured value is in minutes. A value of zero will disable timing out the active sessions. The max life-span should be more than inactive timeout glide.ui.session_timeout (default 30 minutes).