LTPA Timeout in WebSphere Application Server (Authentication Timeout)


Web techniques like AJAX are designed for “long user sessions” especially in an business context.

In WebSphere an user session is limited by two timeouts:
  • JSession (Plain Java Session ID)
  • Lightweight Third-Party Authentication (LTPA) - IBMs proprietary authentication mechanism
If you need to increase the Session-Timeout to large values (like 8 h) you may observe some side effects of the LTPA security technology.