Story #17: Implement Secure Session Management and Timeouts - Tingg - Redmine

Actions

Story #17

open

Epic #1: Access Control & Identity Management

Status:

New

Priority:

Medium

Assignee:

Target version:

Start date:

12/24/2025

Due date:

% Done:

Estimated time:

Acceptance Criteria:

1. Session timeout is configurable
2. Secure cookies are enforced
3. Sessions are invalidated on logout
4. Session hijacking protections are enabled

DOR:

Story Points:

Work Type:

Feature

User Impact:

Technical Area:

Release Narrative:

Planned Sprint:

Completed In Sprint:

Spillover Reason:

Deployment Reference URL:

Description

User Story:

As a security administrator,
I want user sessions to expire automatically,
So that unattended sessions cannot expose PHI.

No data to display

Actions

Also available in: Atom PDF