Is there any configuration to set up a maximum lifetime for the sessions? This is different from SessionTimeout parameter here, because it looks like more about the user activity, and it is being refreshed every client action on the browser. What we are looking for is that even the user is active on the browser, the session will be killed let's say after MaxSessionLifetime duration.
TAHA BERKAY DUMAN
You can achive that with a scheduled event that deletes the sessions after a certain time. Also look at the lastlogin of the account.