Aller au contenu principal

3.1.4 Session Options

Session Options

"Save Page Info When Session Expires" is a newly introduced function, and its working principles are as follows.

  • When enabled, click "Login", a new browser page will be opened if the session expires. The browser cookie will be refreshed once login successfully, while allowing to continue submitting in the original browser page.
  • When disabled, click "Login", the current page will be refreshed if the session expires.

Auth Options - Session Options provides visual encryption configuration for MK-pass, offering two session scope choices.

This system

  • Session Scope: No encryption method needs to be set. Single sign-on with EKP is disabled.
  • Session Validity: Set the validity duration of the session. The default is 480 minutes (Minimum 10 minutes), with auto renewal every 5 minutes. For example, if the duration is set to 15 minutes, the session will close after 15 minutes, requiring users to log in again. If an operation is performed within 5 minutes, the duration will refresh and continue counting for another 15 minutes.

Figure 3.1-1 This System Configuration

Multi-system Sharing

  • Session Scope: Users can configure the encryption method. To enable single sign-on with EKP, please ensure the encryption method, key, cookie name, and cookie settings match those in the System Security of the admin.do configuration page in EKP.
  • Validity Duration: Set the validity duration for the session, the minimum is 30 minutes. Once set, users will need to log in again if perform no operations during the validity duration.
  • Auto-refresh Token Interval: After setting the auto-refresh time, the system will update the token at designated intervals. If users perform operations within the interval, the session duration will refresh.

Figure 3.1-2 Multi-system Sharing Configuration Parameter Description:

  • Encryption Method: Ltpa Token, LR Token
  • Key: Automatically generated or manually entered
  • Cookie Name: LtpaToken or LRToken
  • Cookie Scope: .ywork.me
  • Enable SSL: Default is off. Can be manually enabled. When enabled, cookies will not be generated when accessing via HTTP, except for ternary accounts.
  • Validity Duration: Default is 480 minutes, minimum is 30 minutes.
  • Auto-refresh Token Interval: Default is no refresh. Minimum is 10 minutes. If set, the session validity will be refreshed at the configured time interval.

Before configuring single sign-on, ensure the EKP and MK Digital Work Platform systems share the same domain suffix, e.g., landray.com.cn. The system security config in the admin.do page of the EKP system.