We have an application which uses LDAP Authentication. When user log into application with userID "A" and keep browser idle for 30mins and click on any link it will re-direct to login screen. Now If I try to login with userID "B" I'm getting and error "May Not Change Username during Timeout revalidation". But I want it to allow for UserID "B" after authentication Time-out.
For actual behavior check below link. But I need to change that behavior.
There is a check done at the engine level that does not allow for different users to login after a timeout. That will not be changing as it's a security issue to have different users access the same requestor. That is what would occur if we allowed that behavior.
If I may offer an alternative.
A very popular timeout behavior is to log the users off when they are idle for "x" amount of time. The nature of work item progression and saves doesn't result in data loss except for forms that may have had user content added before the timeout occurred.
If you log the users off after a timeout then the old user requestor is cleared and subsequent logins for a new user use a new requestor.