I think I know what's going on. Could you please create JIRA and assign
to me?
BTV. We never tested setup where accessTokenLifespan is bigger than
session idle timeout. It's a bit strange setup as your session will
most likely always timeouts before you have a chance to refresh tokens.
So user will defacto need to re-login every 15 minutes. But if you are
fine with this limitation, then ok :)
Marek
On 13/03/18 22:00, Jordan Keith wrote:
I am using version 3.4.3.
Thanks,
Jordan
------------------------------------------------------------------------
*From: *"Marek Posolda" <mposolda(a)redhat.com>
*To: *"Jordan Keith" <j.keith(a)xsb.com>, "keycloak-user"
<keycloak-user(a)lists.jboss.org>
*Sent: *Tuesday, March 13, 2018 4:31:17 PM
*Subject: *Re: [keycloak-user] "You took too long to login" after
first login request after SSO session idle occurs (NOT login timeout)
What is Keycloak version used? Could you try with latest 3.4.3?
Marek
On 12/03/18 13:22, Jordan Keith wrote:
> We have set the SSO Session Idle to 13 minutes to match our access
token lifespace of 15 minutes in order to workaround the fact that
browsers may not delete session cookies. This has caused another
issue, whereby the user receives the error "You took too long to
login. Login process starting from beginning" even when they spend no
time waiting on the login screen in a certain scenario. Here's the
scenario:
>
> 1). Log into application.
> 2). Close browser tab containing application.
> 3). Wait 15 minutes (SSO idle + 2 minute grace period)
> 4). Open application again. You'll be directed to the login page by
keycloak.
> 5). Attempt to login and receive the error "You took too long to
login. Login process starting from beginning."
>
> Why do I receive this error even when I attempt to login immediately
after opening the log in page?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user