Solved

Why my SharePoint foundation 2010 site does not time out?

Posted on 2013-11-07
4
518 Views
Last Modified: 2013-11-16
Hi,

I have a SharePoint Foundation 2010 site..... This site works fine but there is only one thing that is killing me. When I login and then I stop interacting with the site it never signs me out! I think it should do it!!! What if I'm in a public computer and for some reason I forget to logout.... it will stay in and someone could just have access to this site!! Why do you think a session never times out? How can I fix this?



Thanks for you help in advance!
0
Comment
Question by:hugonieto
  • 2
  • 2
4 Comments
 
LVL 44

Expert Comment

by:Rainer Jeschor
ID: 39631372
Hi,
what kind of authentication do you use?
If you use Windows Authentication AND you access the site from a domain joined machine AND you have configured IE to automatically send your login credentials then your session will always be re-initiated.
From a public/not domain joined computer, as soon as you close the browser (and for security I would also recommend to delete the browsers history as well as any cookies) you would not be automatically logged in (assuming that you do not store your used windows credentials in Win 7 user store).

HTH
Rainer
0
 

Author Comment

by:hugonieto
ID: 39633527
Thanks for your help RainerJ,


I use Windows Authentication and I have tested it from a Domain and public/not Domain. Actually, I have not done anything to the IE. I tried the site with Firefox, google chrome, and IE 10. None of these browsers times out my session after a period of time without an interaction. When I close IE without signing out and reopen the site it actually ask me for my credentials again which is good but it is the only one that does this. However, the others do not do that.... they sign me in automatically! Which probably has something to do with their cookies... I'm not sure.

So, probably SharePoint 2010 foundation does not have an option to set a specific time where the site will sign you out automatically if there is not an interaction without having to close the browser... I might be wrong....
0
 
LVL 44

Accepted Solution

by:
Rainer Jeschor earned 500 total points
ID: 39633745
Hi,
IE settings in domains are normally managed/configured centrally through group policies.
Depending on the url of your SharePoint site and the configuration, the sites url is part of the local intranet zone. In IE security settings of this zone, the credentials are sent automatically by default.
Some companies also configure "Trusted Sites" to send credentials automatically.

SharePoint does normally not use sessions - it has something else implemented which can be configured in Central Admin:
Central Admin -> Manage Web Applications -> select your web app -> General Settings -> Web Page Security validation which is by default set to 30 minutes.

And time of interaction:
if (and thats just a guess) you have some customized / coded web parts which dynamically load data using AJAX e.g. every minute, then you have an interaction every minute :-)

Not sure about Chrome and FF - I think it depends on their configuration about saving login/passwords and resending this information.

HTH
Rainer
0
 

Author Comment

by:hugonieto
ID: 39654079
Thanks a lot Rainer! All this info is really helpful!
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
sharepoint online 3 44
SharePoint Online Security 5 81
Sweet32 Vulnerability in Microsoft IIS7.5 6 924
Could not load file or assembly 'Microsoft.Web.Infrastructure 4 33
Both MMF (multi-mode fiber) and SMF (single-mode fiber) are types of optical fiber that can aid in communication applications. These thin strands of silica or glass will allow communication to occur between devices. The transmission of light between…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question