How can we prevent expired sessions under CAF Portlets?

Hi all,

I have a web application based on MWS CAF with NTLM connexion configured on each portlet so that users don’t have to enter their id/pwd each time they connect to the app.
The NTLM configuration is based on our internal LDAP Active Directory.

Well, on the first connexion, the user is automatically authenticated and that lasts a significant time, giving the impression that the app has low performance. But once the user is authenticated, he can easily navigate under different portlets.

The problem here is that users usually open a portlet to display some business data that they will process, and then they go back under my application in order to complete what they started minutes, even hours ago. When they click, the application has to authenticate them again and that lasts again little time giving the impression that the application is not responding instantly.

And that’s exactly what I want to prevent. Once the session is opened, I need to keep it alive.

  • Is that recommended?
  • Is there any limitation concerning the number of session kept alive?
  • Will that make my application more slow or will it increase performance?


Regarding performance it will impact MWS for sure if the session lasts too much and there are lot of sessions. I had this configured in 8.0 and MWS used to crash almost everyday because of the load. make sure you don’t have any LDAP calls inside the CAF code and if you have remember to destroy all sessions once created.

For session timeout you can increase this value in LDAP configuration of MWS.

Thanks AG for your reply.

I made some tests recently and I noticed that sessions under MWS expire after 30min regardless of whether the user is a system one or a LDAP one.

So I think that session timeout is not related to the LDAP configuration of MWS but to a global parameter that I am unable to find.

Also, I forgot to mention that I am under MWS 8.2.2

Best regards,

yes MWS session timeout is configured in \MWS\server<server instance>\deploy\portal.war\WEB-INF\web.xml file, search for and configure the value as required.

1 Like

Hi Walid,

MWS Session timeout is configured by the property “session-timeout” defined within the file /server/default/deploy/WEB-INF/web.xml

You may modify this value (in minutes) then restart MWS.

With kind regards,

1 Like