Re: [keycloak-user] [KEYCLOAK-2741] Don't remove KEYCLOAK_REMEMBERME cookie when sso session expires. Add timeout for KEYCLOAK_REMEMBERME cookie - JBoss Issue Tracker

Cookie authenticator doesn't start a new session. It can only authenticate the user if the session is still active. If you want users to remain authenticated for a longer even when inactive you should increase the SSO timeout. That's what it's for. KEYCLOAK-2741 is about remembering the username so the user only has to provide the password. On 22 July 2016 at 11:18, Valerij Timofeev <valerij.timofeev(a)gmail.com&gt; wrote: > https://issues.jboss.org/browse/KEYCLOAK-2741 > > Hi, > > are there any concret plans to implement this ticket? > > The current implementation does not find any positive feedback by our > customers. We are even thinking about increasing SSO timeout from 30 > minutes to a couple of days to compensate at least a little bit the current > drawback. Would this break normal operation of the Keycloak servers? > > Would it be enough to implement this ticket to provide full "remember me" > feature? Can cookie authenticator (auth-cookie) start a new SSO session if > the initial one is already expired? > > Kind regards > Valerij Timofeev > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >