Changing Plone login timeout

After working with Plone with Active Directory for a local Intranet system, I found that my user account was automatically being signed out after 2 hours.

To change these settings, browse to the below location (Adjusting the URL as appropriate for your Plone installation). Ensure you are logged in with a Zope user rather than Plone user to ensure you have access to manage_main.

http://my.plone.site/acl_users/session/session/manage_propertiesForm

Here you will see various options, adjust the following lines (The first should be set to 0 to disable the validity timeout, the second should be set to the number of days you wish to remain logged in for):

Cookie validity timeout (in seconds): 0
Cookie lifetime (in days): 14

Obviously this is could be considered a security concern but given this site is only accessible internally on my network I am not overly concerned. Caution should be taken when changing this option on a publically accessible site.

To confirm that this has worked, login to your Plone site with a plone user once more and look at the cookies provided to the site after login (F12 DevTools in Google Chrome and go to the Cookies tab). You should see a cookie similar to the below, with the expiry date 14 days in the future.

Any comments or questions? Get in touch here or Email me at [email protected]