Configuring authentication errors and sessions 

Session Configuration

  • Log in to the WBM. 

Return to topicHow do I get to the WBM again? Click here for more information... 

Establishing a connection to the Web-based Management (WBM):

  • Open a web browser on your computer.
  • In the address field, enter the URL https://<IP-address-of-the-controller>/wbm,
    for example:

For further information, see WBM.

  • Open the User authentication page (Security → User authentication). 

On the Session Configuration tab, you configure the maximum session time, the timeout penalty times and the maximum number of concurrent sessions. 

In the following screenshot you see the default settings:  

  • Maximum session time: After 20 minutes of inactivity the session is automatically closed. 
  • Exclude admin users from timeout:  This setting applies to all users for whom the "Admin Ruleset" ruleset is stored.
    Note: Check if you really want to exclude users from the timeout and adjust the setting if necessary.
  • Initial timeout: After three failed password attempts, there is a penalty time of 10 seconds. 
  • Timeout  increment: After four failed password attempts, there is an additional penalty time of 30 seconds. 
  • Maxiumum timeout: The maximum timeout is 3600 seconds. This means that you can then start another password attempt every 3600 seconds. 
    Alternatively, you can ask the admin to delete your user and create a new one. Then you can start entering the password again.
  • Maximum concurrent sessions: With this configuration, you define how many communication channels may exist simultaneously. Adjust the value to your circumstances if necessary. Keep in mind the principle of least functionality!



•  Web browser recommendation: Chrome/Edge 88 or newer, Firefox ESR 90 or neweror Safari  • 
• Published/reviewed: 2023-11-02 • Revision 011 •