OO-271 fix session timeout config and removed custom 503 error

src/main/java/org/olat/core/dispatcher/DispatcherAction.java

@@ -36,7 +36,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.olat.core.commons.persistence.DBFactory;
-import org.olat.core.defaults.dispatcher.StaticMediaDispatcher;
 import org.olat.core.dispatcher.mapper.GlobalMapperRegistry;
 import org.olat.core.dispatcher.mapper.MapperDispatcher;
 import org.olat.core.logging.OLog;
@@ -334,9 +333,16 @@ public class DispatcherAction implements Dispatcher {
 	}
 
 
+	/**
+	 * Sent to standard 503 if not available
+	 * @param response
+	 */
 	public static void redirectToServiceNotAvailable(HttpServletResponse response) {
-		String pathStaticDir = StaticMediaDispatcher.getStaticMapperPath(); 
-		redirectTo(response, WebappHelper.getServletContextPath() + pathStaticDir + "msg/en/service_not_available.html");
+		try {
+			response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
+		} catch (IOException e) {
+			log.error("Send 503 failed", e);
+		}
 	}
 	
 }

src/main/java/org/olat/core/util/_spring/utilCorecontext.xml

@@ -41,6 +41,7 @@
 		<property name="arguments">
 			<value>
 				session.timeout=${session.timeout}
+				session.timeout.authenticated=${session.timeout.authenticated}
 			</value>
 		</property>
 	</bean>

src/main/resources/serviceconfig/olat.properties

@@ -95,8 +95,15 @@ history.resume.enabled.default.values=none,auto,ondemand
 # the owner of repository-entries of deleted users
 deletionModule.adminUserName=administrator
 
-#session timeout in seconds
-session.timeout=7200
+# Session timeout configuration. 
+# Note that this are default values only. If you want to change the configuration, open the administration panel 
+# in OpenOLAT and change the values there. They are stored in olatdata/system/configuration/ and will override 
+# the values from the olat.local.properties file.
+# a) Session timeout in seconds for not-authenticated sessions (login screen etc). 
+#    Keep small to prevent denial of service attacks. Default is 5 minutes.
+session.timeout=300
+# b) Session timeout in seconds for authenticated users and guest users. Default is two hours.
+session.timeout.authenticated=7200
 
 ########################################################################
 # SMTP (mail) settings

src/main/webapp/static/msg/en/service_not_available.html

-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML>
-<HEAD>
-	<META HTTP-EQUIV="CONTENT-TYPE" CONTENT="text/html; charset=windows-1252">
-	<TITLE>Web 2.0 information</TITLE>
-	<META NAME="GENERATOR" CONTENT="OpenOffice.org 2.3  (Win32)">
-	<META NAME="CREATED" CONTENT="0;0">
-	<META NAME="CHANGED" CONTENT="20080515;17060542">
-	<STYLE TYPE="text/css">
-	<!--
-		@page { size: 21cm 29.7cm }
-	-->
-	</STYLE>
-</HEAD>
-<BODY LANG="en" DIR="LTR">
-<P STYLE="margin-left: 0.26cm; margin-right: 0.26cm; margin-top: 0.26cm; margin-bottom: 0.26cm">
-We are sorry!<BR><BR>The OLAT server is overloaded.<BR>Please try
-again later.</P>
-<P STYLE="margin-left: 0.26cm; margin-right: 0.26cm; margin-top: 0.26cm; margin-bottom: 0.26cm">
-<BR><BR>
-</P>
-<P STYLE="margin-left: 0.26cm; margin-right: 0.26cm; margin-top: 0.26cm; margin-bottom: 0.26cm">
-<BR><BR>
-</P>
-</BODY>
-</HTML>
\ No newline at end of file