Looking for some info on an issue we're having with our ZCS 7.2.0 installation.
We wanted to make it impossible for users to use the "Remember Me" on their Zimbra account.
I found this documentation:
Which suggested that Auth Token Timeout is only used for "Remember Me", and that Session Timeout is operational for as long as the browser window is open, so i've tried setting Auth Token timeout to be 1 second, and then Session time out to 10 hours.
I expected this would mean that the session would last for 10 hours so long as the browser was kept open, but would be terminated instantly if the browser was closed.
However thats not what happens, Setting Auth Token Timeout to 1 second means that as soon as you log in, your instantly logged out again and dropped back to the login screen.
Am i reading the documentation incorrectly, or has something changed?
Is it possible to achieve what i want to happen? IE if someone logs in, and keeps zimbra open in a tab, i'd like it to stay active for 10 hours, but if they close their browser they should be requested to login again if they browse back to zimbra.