Sessions and Timeouts
MashZone NextGen is based on the standard J2EE session mechanism supported by your application server. MashZone NextGen maintains a separate HTTP session for each authenticated user that has a unique session cookie. Each request with a valid MashZone NextGen session cookie extends the timeout limit for that user session.
SSO solutions maintain their own sessions and may use their own session cookies. SSO session cookies can be used to authenticate users in MashZone NextGen. SSO sessions and MashZone NextGen session are separate.
The default session timeout for MashZone NextGen is 30 minutes, defined in the web-apps-home/mashzone/web.xml configuration file. In general, HTTP session timeouts can be configured in web.xml, unless the application server provides other configuration mechanisms. Please see your application server documentation for additional information on session configuration.