Session not timing out

Issue #86 new
Perry Willett
created an issue

The DMP session, once established, does not time out. I.e. there doesn't appear to be a Session timeout incorporated into the cookie or its related session info on the DMP side. This is not a good security practice. There should be some "inactivity limit" to the lifetime of the DMP session, or if not based on inactivity, some maximum lifetime before you have to login again. Probably not more than 8 hours, perhaps less.

Comments (0)

  1. Log in to comment