[keycloak-user] Is there a secret maximum SSO Idle Timeout

[Alarik Myrin]

Thanks, Stian.  I think upgrading to Keycloak 1.0.1 Final will do the trick
for me.  I have been using Keycloak 1.0 Final.



On Mon, Oct 13, 2014 at 2:49 AM, Stian Thorgersen <stian at redhat.com> wrote:

> Not quite sure what you mean about secret timeouts. It's configurable in
> the admin console and the way it's supposed to work is:
>
> * Idle timeout - requires a token refresh within the specified interval
> otherwise the session will expire
> * Max timeout - the session will expire after this amount of time no
> matter what
>
> On top of that for the session to survive a browser restart the user has
> to check the remember-me option.
>
> If the behaviour you observe differs from this it's a bug. What version
> are you using? There was some related fixes in 1.0.1.Final (KEYCLOAK-689).
>
> ----- Original Message -----
> > From: "Alarik Myrin" <alarik at zwift.com>
> > To: keycloak-user at lists.jboss.org
> > Sent: Friday, 10 October, 2014 5:47:54 PM
> > Subject: [keycloak-user] Is there a secret maximum SSO Idle Timeout
> >
> > A while ago I raised KEYCLOAK-686 about the fact that there is a secret
> > maximum SSO Session Max Lifespan that is not evident or validated by the
> > admin web application.
> >
> > I think the same thing is probably true of SSO Idle Timeout. If I set
> this to
> > something like 30 days, and I leave something idle overnight, I hit the
> SSO
> > Idle Timeout anyway. I'm not sure what the real maximum is for SSO Idle
> > Timeout, but it seems like it is maybe measured in hours.
> >
> > Alarik
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141013/ae046973/attachment.html