Salesforce.com : Setting Session Security - 'Force logout on timeout = true'

Information

This setting controls whether sessions time out for inactive users, current sessions become invalid. Browsers are automatically refreshed and return to the login page. To access the organization again when this occurs, users must log in again.

Solution

Set the value of forceLogoutOnSessionTimeout to true.

See Also

http://help.salesforce.com/help/pdfs/en/salesforce_security_impl_guide.pdf

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-12

Plugin: Salesforce.com

Control ID: 8c34c556b337f1278a89dac9a17fc7995d893e6ed9bfe7d60a62537137bd0ae4