3:59 p.m.
Hello,
We are designing an Angular 7 application with Keycloak IDM. What sets this application
apart from other Angular/Keycloak applications we designed is this application has a use
case for users of a certain group (e.g. support desk users) to have a session timeout of 8
hours while “normal” users have a 30 minute timeout.
Any guidance on implementing such a use case?
Thanks!
Dave
Dave Everson
Application Architect | Custom Applications
Minnesota IT Services | Partners in Minnesota Department of Health
625 Robert Street North
St. Paul, MN 55155
O: 651-201-5216
Information Technology for Minnesota Government | mn.gov/mnit<http://mn.gov/mnit>
[Minnesota IT Services Logo]
[Facebook logo]<https://www.facebook.com/MN.ITServices>[LinkedIn
logo]<https://www.linkedin.com/company/mn-it-services>[Twitter
logo]<https://twitter.com/mnit_services>
2:21 a.m.
Token lifespan is per realm setting and you can use multiple realms for different type of
users and settings. In a multi realms scenario you may need oauth2 multi-tenant
applications or you have to replicate them to work with multiple realms. It’s not easy.
You can probably play with refresh-token to keep your access-token fresh (in your angular
app).
Lorenzo
Il giorno 19 feb 2019, alle ore 22:59, Everson, David (MNIT)
<david.everson(a)state.mn.us> ha scritto:
Hello,
We are designing an Angular 7 application with Keycloak IDM. What sets this application
apart from other Angular/Keycloak applications we designed is this application has a use
case for users of a certain group (e.g. support desk users) to have a session timeout of 8
hours while “normal” users have a 30 minute timeout.
Any guidance on implementing such a use case?
Thanks!
Dave
Dave Everson
Application Architect | Custom Applications
Minnesota IT Services | Partners in Minnesota Department of Health
625 Robert Street North
St. Paul, MN 55155
O: 651-201-5216
Information Technology for Minnesota Government | mn.gov/mnit<http://mn.gov/mnit>
[Minnesota IT Services Logo]
[Facebook logo]<https://www.facebook.com/MN.ITServices>[LinkedIn
logo]<https://www.linkedin.com/company/mn-it-services>[Twitter
logo]<https://twitter.com/mnit_services>
<image001.png><image002.png><image003.png><image004.png>_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:36 a.m.
There's also support for requiring re-authentication in apps that shouldn't
support long sessions.
On Wed, 20 Feb 2019, 09:23 Lorenzo Luconi Trombacchi, <
lorenzo.luconi(a)iit.cnr.it> wrote:
Token lifespan is per realm setting and you can use multiple realms
for
different type of users and settings. In a multi realms scenario you may
need oauth2 multi-tenant applications or you have to replicate them to work
with multiple realms. It’s not easy.
You can probably play with refresh-token to keep your access-token fresh
(in your angular app).
Lorenzo
> Il giorno 19 feb 2019, alle ore 22:59, Everson, David (MNIT) <
david.everson(a)state.mn.us> ha scritto:
>
> Hello,
>
> We are designing an Angular 7 application with Keycloak IDM. What sets
this application apart from other Angular/Keycloak applications we designed
is this application has a use case for users of a certain group (e.g.
support desk users) to have a session timeout of 8 hours while “normal”
users have a 30 minute timeout.
>
> Any guidance on implementing such a use case?
>
> Thanks!
> Dave
>
> Dave Everson
> Application Architect | Custom Applications
> Minnesota IT Services | Partners in Minnesota Department of Health
> 625 Robert Street North
> St. Paul, MN 55155
> O: 651-201-5216
> Information Technology for Minnesota Government | mn.gov/mnit<
http://mn.gov/mnit>
> [Minnesota IT Services Logo]
> [Facebook logo]<https://www.facebook.com/MN.ITServices>[LinkedIn logo]<
https://www.linkedin.com/company/mn-it-services>[Twitter logo]<
https://twitter.com/mnit_services>
>
>
<image001.png><image002.png><image003.png><image004.png>_______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2150
days inactive
2151
days old
2 comments
3 participants
participants (3)
-
Everson, David (MNIT) -
Lorenzo Luconi Trombacchi -
Stian Thorgersen