How to deal with Oak login token session expiration and token refresh in AEM-

I believe we are all aware with session expiration and token refresh process. We have encountered these two situations with numerous web applications , even with our work day profile also.

Now if it’s required to deal with session expiration and token refresh in AEM instance then we must be thinking do we have any OOTB feature in AEM or we need to develop a custom logic. Yes, we do have following OSGi configuration in AEM: Apache jackrabbit oak TokenConfiguration as shown below -

Let’s suppose we need to set this token expiration time for 30 minutes and also we need to enable the token refresh process.

We can achieve it very easily as shown below -

Please restart the AEM instance after saving these changes.

Here, I have done it on local AEM author instance and I am using AEM 6.5.9.

Definitely 12 hours (default expiration time) is more than enough for content authors and I haven’t seen any content author was asking about session expiration yet. But, it all depends on the requirement.

I have enabled SSO with LDAP and I have integrated AEM 6.5.9 with Apache Directory Studio 2.0.0-M14 as shown below -

1. Here we could see I have created 3 users in LDAP apache directory studio -

2. I have synchronized these apache DS users and imported to AEM -

3. I have captured all these information in ldap.log file (configured in AEM), even authentication part also -

Now if I don’t use this AEM author instance and remain inactive for 30 mins then I will be getting below popup and I have to re login here -

If anyone is interested to capture token expiration and whether token refresh is working or not , then please refer the below sequence -

1. Content author: debalaem logged into AEM at 17:31 pm IST hours, in that case token expiration time would be 18:01 pm IST hours according to the configuration as shown below -

2. Then I was accessing this instance and waiting to reflect the change in expiration time. Yes, after 15 mins expiration time got updated and it was showing 18:16 PM IST hours as shown below -

After setting the token refresh option if we notice login refresh isn’t working then please refer following link : https://helpx.adobe.com/experience-manager/kb/login-session-refresh-not-working.html.

Please review and share your thoughts.