<div dir="ltr">Thanks, Stian. I think upgrading to Keycloak 1.0.1 Final will do the trick for me. I have been using Keycloak 1.0 Final.<div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Oct 13, 2014 at 2:49 AM, Stian Thorgersen <span dir="ltr"><<a href="mailto:stian@redhat.com" target="_blank">stian@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Not quite sure what you mean about secret timeouts. It's configurable in the admin console and the way it's supposed to work is:<br>
<br>
* Idle timeout - requires a token refresh within the specified interval otherwise the session will expire<br>
* Max timeout - the session will expire after this amount of time no matter what<br>
<br>
On top of that for the session to survive a browser restart the user has to check the remember-me option.<br>
<br>
If the behaviour you observe differs from this it's a bug. What version are you using? There was some related fixes in 1.0.1.Final (KEYCLOAK-689).<br>
<div><div class="h5"><br>
----- Original Message -----<br>
> From: "Alarik Myrin" <<a href="mailto:alarik@zwift.com">alarik@zwift.com</a>><br>
> To: <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> Sent: Friday, 10 October, 2014 5:47:54 PM<br>
> Subject: [keycloak-user] Is there a secret maximum SSO Idle Timeout<br>
><br>
> A while ago I raised KEYCLOAK-686 about the fact that there is a secret<br>
> maximum SSO Session Max Lifespan that is not evident or validated by the<br>
> admin web application.<br>
><br>
> I think the same thing is probably true of SSO Idle Timeout. If I set this to<br>
> something like 30 days, and I leave something idle overnight, I hit the SSO<br>
> Idle Timeout anyway. I'm not sure what the real maximum is for SSO Idle<br>
> Timeout, but it seems like it is maybe measured in hours.<br>
><br>
> Alarik<br>
><br>
><br>
</div></div>> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</blockquote></div><br></div>