We don't have any plans to work on it ourselves, but would happily accept a contribution. It would need to take the approach of different SSO max/idle values for remember me rather than simply ignoring idle as initially proposed.

On 17 August 2016 at 17:53, Valerij Timofeev <valerij.timofeev@gmail.com> wrote:
Thank you Stian.

We will try SSO time-out of 3 days to workaround the current limitation of the "remember me" function.

More optimal solution would be https://issues.jboss.org/browse/KEYCLOAK-1267
Are there any plans to work on it?

2016-08-16 9:45 GMT+02:00 Stian Thorgersen <sthorger@redhat.com>:
Cookie authenticator doesn't start a new session. It can only authenticate the user if the session is still active.

If you want users to remain authenticated for a longer even when inactive you should increase the SSO timeout. That's what it's for.

KEYCLOAK-2741 is about remembering the username so the user only has to provide the password.

On 22 July 2016 at 11:18, Valerij Timofeev <valerij.timofeev@gmail.com> wrote:
https://issues.jboss.org/browse/KEYCLOAK-2741

Hi,

are there any concret plans to implement this ticket?

The current implementation does not find any positive feedback by our customers. We are even thinking about increasing SSO timeout from 30 minutes to a couple of days to compensate at least a little bit the current drawback. Would this break normal operation of the Keycloak servers?

Would it be enough to implement this ticket to provide full "remember me" feature? Can cookie authenticator (auth-cookie) start a new SSO session if the initial one is already expired?

Kind regards
Valerij Timofeev


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user