Mr. Gwooton.

Yes, but it is not working in our environment ( 2021.2 ).

We used 450m, now I put 30000s for studio analytics and for logon server I used 40000s.

The property is servlet.session.timeout

We have to restart some things.

I'll will reply if this succeeds.

Mr G Wooton,

a late reply.

I used  http.session.maxAge 7h for all except logon 8h.

            servlet.session.timeout 7h for all except logon 8h.

The documentation says : 

If you change the global time-out interval, you must restart all services in order for the change to take effect for any new sign-ins. If you change the interval for specific services, you must restart the services that you changed. For the http.session.maxAge property, the services are automatically restarted after you save the change.

So in this case they all get restarted.

I will post the result here.

Dik

It is still  not working.

We will make a sas-ticket for support.

Mr G Wooton

I found another config item , I will test this in combination with above.

I let you know the results.

Regards,

Dik Pater

SAS Help Center: How To

Configure the HTTP Session Time-out Interval

1. In the Definitions list, select server.
2. In the top right corner of the window, click New Configuration.
3. In the New server Configuration dialog box, click 
    

    

   .
4. In the Choose Services dialog box, complete the following:
1. Search for and then select SAS Logon Manager.
2. Click 
    

    

   .
3. Click OK.
5. In the New server Configuration dialog box, click 
    

    

    to add a new property.
6. In the Add Property dialog box, complete the following:
1. In the Name field, enter session.timeout.
2. In the Value field, enter the amount of time a session has to be idle before it times out, in seconds.
3. Click Save.
7. In the New server Configuration dialog box, click Save.
8. Restart all services to reflect the new time-out interval. For more information, see Operate a Specific Server or Service in SAS Viya: General Servers and Services.

Mr. Wooton,

The following combination worked for us.

Thanks .

For all except SASLogon, opendistro, opendistroDiscovery

http.session.maxAge: 25200

servlet.session.timeout: 7h

For only SASLogon

http.session.maxAge: 28800 (NB hoger dan die van de andere apps)

servlet.session.timeout: 8h   (NB hoger dan die van de andere apps)

session.timeout: 28800

We had to add the following. This changed to default 1 hour.

Authentication timeout:

Dit gaat door via Environment manager de volgende instellingen te wijzigen: Configuratie instellingen → SAS Logon Manager

  New Configuration → kies voor sas.logon.jwt

  vul in bij :

  policy.accessTokenValiditySeconds: 28800                     (8 uur)

  policy.global.accessTokenValiditySeconds: 28800       (8 uur)

Extract from : Tuning the authentication timeout for long-running jobs (sas.com)

With security being at the front and center of most SAS decisions, SAS is gradually reducing the default expiration for Access Tokens from the original value of 10 hours. Shorter-lived tokens reduce the window that a compromised token can be used by an attacker. To avoid possible disruption, this change is being implemented in steps. As of the stable release 2021.2.4 (February 2022), the Access Token default lifetime is decreased to 4 hours; in a later release, it will be further reduced to 1 hour.