Now I have changed this "3600" to 300 sec.
It is not working. I have didn't do any activity in GUI for up to 8 mins.
After that I refresh the page then it is redirecting to the same page.
Expectation: It should log out and again we need to log in the GUI to access that.
As long as something is polling the backend, the session will not expire. This is by design and cannot be changed in configuration.
The behavior is hardcoded in the rpcd backend service and needs recompilation to disable it.
Whenever something reads the session, the expiry timer is reset. Only when the session is not touched for 3600 (or in your case 300) consecutive seconds, rpcd will purge it from memory.
Various LuCI pages have XHR background polling functionality which will fetch JSON data every 5 seconds. These polls will reset the expiry timer on every request.
Hi @jow
Thanks for your explanation. It helps us a lot.
But when I didn't touch the session for 300 consecutive sec, still not coming to the logout page.
Run ubus call session list from an SSH session. If the expiry timer keeps resetting, something is keeping the session active, e.g. a background XHR poll on an open browser tab or similar.
If your problem is solved, feel free to mark the relevant post as the solution; and edit the title to add "[SOLVED]" to the beginning (click the pencil behind the topic).