[security-dev] SP side Http session time-out period

Adam Dong adamdong at vidder.com
Tue Nov 25 19:53:00 EST 2014


If I used ServiceProviderAuthenticator as my SP side, once a valid assertion comes back from IDP, and SP checked the assertion and created the local HttpSession (it is an HttpSession, right ?), what is that session's time-out period ? Is it configurable ?


More information about the security-dev mailing list