What are the MaxSessionTime and MaxIdleTime session parameters and their possible values?
MaxSessionTime is the maximum length of time in which an authenticated session remains valid. The value, which can be 1 minute or more, defaults to 120 minutes. Theoretically, MaxSessionTime can take a value up to 2 to the power 63 minus 1, but that would mean a never-ending session and hence weak security. You can set up the idle time such that the session expires after inactivity for a certain period of time. However, relying only on inactivity to terminate user sessions is a security risk. MaxIdleTime is the length of time in which the session remains inactive before it expires unless it does so on its own if MaxSessionTime is shorter than MaxIdleTime. It is recommended that you set the MaxSessionTime value to one that’s higher than the value for MaxIdleTime and MaxIdleTime to a relatively low value. The attribute syntax is number, which is represented as an integer in service management. number can take the maximum integer value up to 2 to the power 31 minus 1, which is equal to 21
