Are JIRA/Crowd User Sessions Refreshed by Activity?

From what I can tell, user session cookies only contain data about when the session was created.  In my mind, that means a user session will expire after whatever time is set in Session Config > Session timeout (Crowd) or the default session setting in web.xml (JIRA).  The session is not refreshed by user activity.   So, if a user logs into JIRA via a Crowd account at 10am, and the Session timeout in Crowd is set to 60 minutes, the user will be logged out at 11am, regardless of whether they've been actively using JIRA all that time.

Is that a correct understanding?

1 answer

0 votes

That's not correct. Each time that the token is validated, its lifetime it's extended.

Tokens expire after a given time has passed since the last time they were validated, not since they were created.

Diego is there any configurable options that could change this behaviour. I want to force expired user session after amount of time, no meeter if the user was active this time or not? 

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

1,076 views 4 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you