Hello Khyati,
On Mon, Jun 17, 2019 at 11:01 PM Khyati Kataria <katariakhyati11(a)gmail.com> wrote:
> Hi,
> I have one doubt related to these two fields: SSO session idle and SSO
> session idle max in Keycloak token settings.
> In our case session idle is set to 30 minutes, so the webpage
> should get logged out within 30 minutes. But we can observe it is not
> logging out after the described time. We have also tried setting it to 2-3
> minutes, but it’s not happening.

Please have a look at the note in the "*13.3. Session and Token Timeouts*"
<https://www.keycloak.org/docs/latest/server_admin/index.html#_timeouts>
section (below the table describing the meaning of those options).
Per that note, when *SSO Session Idle* is set to 30 minutes, the session won't
be invalidated after exactly 30 minutes, but rather after 32 minutes. That
note explains why this behaviour is needed / necessary.

> But, when we set Session_max to 3 minutes, then the webpage is getting
> logged out after 3 minutes.

For *SSO Session Idle*, each client requesting authentication or a refresh
token within the timeout will bump the timeout value again. On the other hand,
the *SSO Session Max* value is a hard timeout -- the session will be
invalidated / expire after this period of time regardless of user (in)activity
(if there were some requests in between or not).

> So, basically it is taking session_max but session_idle is not working
> in our project.

See above.

> Could anyone please explain this behavior? As per my understanding
> session idle time is not working. Or I am not sure: is this expected
> behavior of Keycloak or not?
> Thanks in advance!
> Regards,
> Khyati Kataria

HTH
Regards, Jan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
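
A simplified model of the two timeouts described in the reply above, added here as an illustration (it is not Keycloak's code and not part of the original thread). The names `session_end`, `minutes` and `IDLE_WINDOW` and the activity timelines are assumptions constructed for the example; the 2-minute window is the one the reply cites (30 minutes idle, invalidated after 32).

```python
from datetime import timedelta

# Window cited in the reply: 30 min idle -> session invalidated after 32 min.
IDLE_WINDOW = timedelta(minutes=2)


def minutes(n):
    """Shorthand for building offsets from login time."""
    return timedelta(minutes=n)


def session_end(idle, max_lifespan, activity=()):
    """Model when an SSO session ends, as (offset_from_login, reason).

    idle / max_lifespan stand for SSO Session Idle / SSO Session Max.
    activity holds offsets at which a client authenticated or refreshed a
    token (constructed sample input, not real Keycloak events).
    """
    last_seen = timedelta(0)  # the login itself is the first activity
    for t in sorted(activity):
        idle_deadline = last_seen + idle + IDLE_WINDOW
        if t >= idle_deadline or t >= max_lifespan:
            break  # session already expired; this request cannot revive it
        last_seen = t  # activity inside the window bumps the idle deadline
    idle_deadline = last_seen + idle + IDLE_WINDOW
    if idle_deadline < max_lifespan:
        return idle_deadline, "idle"
    return max_lifespan, "max"  # hard limit, independent of activity


if __name__ == "__main__":
    cases = {
        "30 min idle, no activity": (minutes(30), minutes(600), ()),
        "3 min max, no activity": (minutes(30), minutes(3), ()),
        "2 min idle, refresh every minute": (
            minutes(2), minutes(60), [minutes(i) for i in range(1, 120)]),
        "2 min idle, activity stops at 2 min": (
            minutes(2), minutes(60), [minutes(1), minutes(2), minutes(10)]),
    }
    for label, (idle, max_life, activity) in cases.items():
        end, reason = session_end(idle, max_life, activity)
        print(f"{label}: ends after {end} ({reason} timeout)")
```

In the third case a client keeps refreshing tokens inside the idle window, so the idle timeout never fires and only the hard SSO Session Max limit ends the session.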