[keycloak-user] Is there a secret maximum SSO Idle Timeout
Stian Thorgersen
stian at redhat.com
Mon Oct 13 02:49:26 EDT 2014
Not quite sure what you mean about secret timeouts. It's configurable in the admin console and the way it's supposed to work is:
* Idle timeout - requires a token refresh within the specified interval otherwise the session will expire
* Max timeout - the session will expire after this amount of time no matter what
On top of that for the session to survive a browser restart the user has to check the remember-me option.
If the behaviour you observe differs from this it's a bug. What version are you using? There was some related fixes in 1.0.1.Final (KEYCLOAK-689).
----- Original Message -----
> From: "Alarik Myrin" <alarik at zwift.com>
> To: keycloak-user at lists.jboss.org
> Sent: Friday, 10 October, 2014 5:47:54 PM
> Subject: [keycloak-user] Is there a secret maximum SSO Idle Timeout
>
> A while ago I raised KEYCLOAK-686 about the fact that there is a secret
> maximum SSO Session Max Lifespan that is not evident or validated by the
> admin web application.
>
> I think the same thing is probably true of SSO Idle Timeout. If I set this to
> something like 30 days, and I leave something idle overnight, I hit the SSO
> Idle Timeout anyway. I'm not sure what the real maximum is for SSO Idle
> Timeout, but it seems like it is maybe measured in hours.
>
> Alarik
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list