Session Timeout
If you leave your CDM session idle for a long period of time, CDM will require you to log back in.
Error Message
Current User Token Expired

Error Log
920 [8] ERROR Ibm.CognosDM.Services.Exceptions.CdmErrorHandler - (null) Error Code: 'CoreSecurityTokenIsInvalid'. Exception Token: 'b288d72c-82c1-46c3-a276-de56c200efd4'.Security token must be renewed. Action: 'http://tempuri.org/IReportObjectContentService/GetRefreshedReportObject' ? ? ? Ibm.CognosDM.BusinessLogic.Security.Authentication.AuthenticationException: Error Code: 'CoreSecurityTokenIsInvalid'. Exception Token: 'b288d72c-82c1-46c3-a276-de56c200efd4'.Security token must be renewed. Action: 'http://tempuri.org/IReportObjectContentService/GetRefreshedReportObject'
at Ibm.CognosDM.BusinessLogic.Security.Authorization.SecurityTokenAuthorizationBusinessLogic.AuthorizeUserSessionInternal(UserSession userSession)
at Ibm.CognosDM.BusinessLogic.Security.Authorization.SecurityTokenAuthorizationBusinessLogic.AuthorizeSecurityToken(String securityToken)
at Ibm.CognosDM.Services.CustomHeaders.SecurityToken.SecurityTokenBehaviorAttribute.SecurityTokenMessageInspector.AuthorizeSecurityToken(String securityToken)
at Ibm.CognosDM.Services.CustomHeaders.SecurityToken.SecurityTokenBehaviorAttribute.SecurityTokenMessageInspector.AfterReceiveRequest(Message& request, IClientChannel channel, InstanceContext instanceContext)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Cause
You have reached the idle session timeout.
Solution
Click Restart to restart CDM.
If timeouts are occurring more frequently than expected, discuss with your administrator regarding adjusting two settings related to user session expiration. These settings are related to the security of the user session; they should not be increased beyond the business need to do so. Verify that the settings will remain in compliance with all applicable security policies.
In the Config\CDM.config file on the server, you can find the following section:
<Session>
<SessionExpiration enabled="true" timeAfterLogOn="1.00:00:00" acceptedIdleTime="02:00:00" />
</Session>
The timeAfterLogOn setting is the time after log on for which a session is valid, regardless of user activity. After this time expires, you must log in again. Default setting is 1 day (24 hours).
The acceptedIdleTime setting is the time of inactivity after which the session expires. Default setting is 2 hours.
The format for both settings is [d.]hh:mm:ss, where [d.] is the optional number of days.
Examples:
1 day = 24 hours: 1.00:00:00
12 hours: 12:00:00
5 minutes: 00:05:00