In Apex 3.2.1 the session cookie, whose settings are under the current authentication scheme / cookie attributes, expires when the browser closes it's instance.
Is there any way to extend this, so people can return already logged in the next day? This only for one application.
I have access to workspace admin and workspace db schema, nothing beyond that.
If there are security reasons why the session cookie is so limited i like to hear that too.
Edited by: pdj_nl on 20-okt-2010 1:31
Hello Peter, >> In Apex 3.2.1 the session cookie, whose settings are under the current authentication scheme / cookie attributes, expires when the browser closes it's instance.
This is not a typical behavior to APEX 3.2.1 but to all APEX versions. The authentication process has a life span of a single APEX session, or less. As of APEX 3.2, you can determine the max idle time allowed to an APEX session, and it will be terminated if this time passed, even if the browser remains open. However, you can’t expand the session (or to be more exact, the valid session ID) behind the scope of a single login process. Usually we are fighting to terminate it even sooner, for example, if a user performed a logout but didn’t closed the browser, we don’t want the option of using the ‘back’ button to allow him/her to retrieve a valid session and continue working.
If you have a single application where login or proper authentication is of no value, just make it public and the user will not have to login even once. In any other situation, the APEX session is restricted as this is the true meaning of proper authentication.
♦ Please remember to mark appropriate posts as correct/helpful. For the long run, it will benefit us all.
♦ Author of Oracle Application Express 3.2 – The Essentials and More