Thanks, Stian. I think upgrading to Keycloak 1.0.1 Final will do the trick
for me. I have been using Keycloak 1.0 Final.
On Mon, Oct 13, 2014 at 2:49 AM, Stian Thorgersen <stian(a)redhat.com> wrote:
Not quite sure what you mean about secret timeouts. It's
configurable in
the admin console and the way it's supposed to work is:
* Idle timeout - requires a token refresh within the specified interval
otherwise the session will expire
* Max timeout - the session will expire after this amount of time no
matter what
On top of that for the session to survive a browser restart the user has
to check the remember-me option.
If the behaviour you observe differs from this it's a bug. What version
are you using? There was some related fixes in 1.0.1.Final (KEYCLOAK-689).
----- Original Message -----
> From: "Alarik Myrin" <alarik(a)zwift.com>
> To: keycloak-user(a)lists.jboss.org
> Sent: Friday, 10 October, 2014 5:47:54 PM
> Subject: [keycloak-user] Is there a secret maximum SSO Idle Timeout
>
> A while ago I raised KEYCLOAK-686 about the fact that there is a secret
> maximum SSO Session Max Lifespan that is not evident or validated by the
> admin web application.
>
> I think the same thing is probably true of SSO Idle Timeout. If I set
this to
> something like 30 days, and I leave something idle overnight, I hit the
SSO
> Idle Timeout anyway. I'm not sure what the real maximum is for SSO Idle
> Timeout, but it seems like it is maybe measured in hours.
>
> Alarik
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user