About session timeout and remember me default values

Stefano Coletta September 11, 2019

Currently, among all Atlassian products I'm using I've noticed that there are different timeout values defaults regarding authentication and "Remember me" feature.

ApplicationAuthentication TimeoutRemember me Timeout
JIRA300 mins (5h)2 weeks
Confluence60 mins (1h)2 weeks
Bitbucket30 mins4 weeks
Bamboo30 mins2 weeks

Why not making them equal?

I would like to discuss/know the rationale behind these differences and if it is the case to align them all or leaving them unchanged or just make some changes.

Since the differences are big I was wondering why they are so different.

1 comment

Comment

Log in or Sign up to comment
Nate Moseley September 13, 2019

An additional note that further confuses things, 2147483 is apparently the max (seconds) remember me timeout in JIRA, and anything above that value causes NullPointerExceptions. So setting consistent values across the different services is not intuitive. https://jira.atlassian.com/browse/JRASERVER-25985

Like Stefano Coletta likes this
Stefano Coletta September 16, 2019

2147483 seconds are about 3,5 weeks, that is why JIRA remember me is set to 2 weeks! From what you discovered, you can't set it to 4 weeks to align with Bitbucket for example... so maybe we can raise it to 3 weeks and lower down the Bitbucket one to 3 weeks also...

TAGS
AUG Leaders

Atlassian Community Events