Hello,
we have a free version of MM v4.1.0 in our company and we like it a lot. The only thing that’s bugging us is the auto log out logic which seems to ignore user activity. Usually, if a user performs some active tasks while logged in, a system keeps him/her logged in until he/she does not log out explicitly or a predetermined period of inactivity has elapsed. In MM, we thought this period is set up in the system console under security->sessions. However, this period only takes into consideration when the user logged in and not what he/she was doing.
Summary
Even if a user uses the chat on a daily basis, they are still logged out after Session length days (set to e.g. 10).
Steps to reproduce
- Set up 10 days under security->sessions->Session length AD/LDAP and email.
- Log in on, let’s say, the 10th of January
- Work every day
- On the 20th you will be logged out even in the middle of writing your message
Expected behavior
MM should consider user activity when expiring the session. Is there configuration setup which allows me to expire a user’s session if he/she is inactive for a long period of time but keeps the session valid if the user is active. I don’t think setting session length to some insane high number is the correct approach. Quite the contrary, I would like to set the limit up pretty tightly, like 1-2 days of inactivity, but I obviously don’t want to punish everyone who is actively using MM at the moment.
A related problem is that if you are logged out, the desktop application does not change the systray icon or let’s you know in any way that you have been logged out without actually checking the app window. MM desktop app should let you know visually that you have been auto logged out (also, at least the desktop app should (optionally) remember your credentials and log you back in without interaction).
Observed behavior
Described above.