Questions answered by this recipe
- How to force users to login again if they remained inactive too long ?
$InactivityTimeout = <your value in seconds>; include_once('cookbook/InactivityTimeout.php');
The default timeout is 600 seconds.
PHP options (usually set in php.ini) like 'session.gc_maxlifetime' can cause the sessions to expire before $InactivityTimeout seconds. This recipe only makes sure no authenticated user will remain authenticated longer than $InactivityTimeout, not that he will allways remain authenticated $InactivityTimeout seconds.
See discussion at InactivityTimeout-Talk