3 Replies Latest reply on Mar 22, 2018 9:31 AM by Brandon Babbitt

    Tableau Server - Idle Session Time Settings

    Ankit Patel

      Hi,

       

      I am looking to decrease the amount of time a User is kept active on Tableau Server. I am currently running 10.2.x version and installed on Single Windows VM.

       

      I have configured the following but from testing it seems that the session idle time is exceeding 30 minutes. Ideally, I would want to kick-out user if being idle for more than 15 minutes mark and they will have to re-authenticate to re-activate the session.

      What am I missing? My architecture is Portal --> SAML Auth --> Load Balancer --> Tableau Server on listening on Port 443

       

      Tabadmin commands I ran are below:

      tabadmin stop

      tabadmin set vizqlserver.session.expiry.timeout 15

      tabadmin set vizqlserver.clear_session_on_unload true

      tabadmin set wgserver.session.idle_limit 15

      tabadmin set wgserver.session.lifetime_limit 120

      tabadmin set wgserver.session.apply_lifetime_limit true

      tabadmin configure

      tabadmin start

       

      Above commands are captured in tabsvc.yml file (C:\Tableau\Tableau Server\config\tabsvc.yml)

      vizqlserver.session.expiry.timeout: 15

      vizqlserver.clear_session_on_unload: true

      wgserver.session.idle_limit: 15

      wgserver.session.lifetime_limit: 120

      wgserver.session.apply_lifetime_limit: true

       

      Any input would be helpful. Thank you.

        • 1. Re: Tableau Server - Idle Session Time Settings
          Jeff Strauss

          I'm not sure why you want such a short timespan for this as the web session doesn't really take up much if any in terms of resources, so that's why it's set at a default of 240.  But in any case, I believe that the limit set via tabadmin is not down to an exact minute as Tableau Server has internal cleanup processes that are activated once every 20 minutes.  You can view this under the built-in admin reports (background tasks for non-extracts), and look for "purge expired wg sessions".  So if the wgsession expired at let's say 8:05am, and the cleanup process runs at 8am, then again at 8:20am, then the wg session gets a 15 minute grace.

          • 2. Re: Tableau Server - Idle Session Time Settings
            Ankit Patel

            It's got nothing to do with resources or the internal cleanup processes. I am simply looking for Idle session of any user logged-in to be killed (log out of Tab Server) if it crosses 15 minute mark. This is one of the requirements that I need to meet. Is there not a solution for it? Not looking to kill any other processes that Tableau Server is running in background including "purge expired wg sessions" for cleanup process - these can remain active.

            • 3. Re: Tableau Server - Idle Session Time Settings
              Brandon Babbitt

              I'm not 100% certain on this, but if you're using SAML I believe you'll need to modify the "maxAuthenticationAge" value on the IdP side of things and make sure it matches the wgserver.saml.maxauthenticationage value on the Tableau Server side.