Session Management
Session management requirements also depend on how authentication is configured in MashZone NextGen. MashZone NextGen maintains sessions for each authenticated user. This session expires if no new requests are received within the timeout period configured for MashZone NextGen.
If authentication is handled by an SSO solution or uses SSL and digital certificates, MashZone NextGen uses the user identity information from SSO or the certificate to start a new session when a request is received for a session that has expired. Similarly, for guest users, MashZone NextGen simply starts a new session.
If authentication is using simple credentials, however, MashZone NextGen returns an error message for requests using an expired session. In this case, you must handle this error appropriately.