[keycloak-user] (no subject)
Josh Cain
jcain at redhat.com
Thu Oct 27 09:23:11 EDT 2016
Interesting - and what of the SAML Use case? Typically SAML SP's are
going to consume the assertion and then establish a session with the
end user. Seems like a valid use case to notify these consumers so
that there aren't lingering sessions if their expiry happens to be
longer than the IDP.
On Thu, 2016-10-27 at 12:15 +0200, Stian Thorgersen wrote:
> No, there is no notification in this case. Only if user or admin
> actively
> logs out the session.
>
> As access tokens have short expiration the applications would notice
> the
> session idle in either case when trying to refresh the token, so I
> don't
> think it's needed.
>
> On 27 October 2016 at 11:29, Rickard Östergård <rickard.ostergard at gma
> il.com>
> wrote:
>
> >
> > Hi,
> >
> > I have a question about user session expiration.
> >
> > When the SSO Session Idle or SSO Session Max times are reached the
> > auth
> > server will invalidate the user session. Will the clients that have
> > initiated these session be notified? Hence, are the clients logged
> > out (via
> > the admin url) when the auth server expires a user session?
> >
> > If not, is this a feature that will be implemented in coming
> > releases ?
> >
> > Best regards,
> > Rickard
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list