[security-dev] SP side Http session time-out period
Michael Cirioli
mcirioli at redhat.com
Tue Nov 25 20:02:23 EST 2014
I believe you can configure sp session lifetimes in your apps web.xml
<session-config>
<session-timeout>15</session-timeout>
</session-config>
-mike cirioli
Hi,
If I used ServiceProviderAuthenticator as my SP side, once a valid assertion comes back from IDP, and SP checked the assertion and created the local HttpSession (it is an HttpSession, right ?), what is that session's time-out period ? Is it configurable ?
Thanks,
Adam
_______________________________________________
security-dev mailing list
security-dev at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev
More information about the security-dev
mailing list