[keycloak-user] Clarification on Remember Me Functionality

Kalinga Dissanayake kalinga at leapset.com
Wed Apr 29 05:17:40 EDT 2015


Sorry for the confusion.
Let me rephrase, please correct me if I am wrong.
 
This is my requirement
If a user logins via keycloak without ticking "remember me", I need the session on keycloak to timeout after 20 minutes. (in case its idle)
If a user logins via keycloak ticking "remember me", I need the user to be "remembered" on keycloak for 12 weeks irrespective of whether the user continues to interact with keycloak or not. Something like facebook.
 
Just saw this thread as well
[ http://ux.stackexchange.com/questions/62857/which-remember-me-option-is-the-best/62862#62862 ]( http://ux.stackexchange.com/questions/62857/which-remember-me-option-is-the-best/62862#62862 )
 
Hope my requirement is clear.
 
Kalinga


-----Original Message-----
From: "Stian Thorgersen" <stian at redhat.com>
Sent: Wednesday, April 29, 2015 1:43pm
To: "Kalinga Dissanayake" <kalinga at leapset.com>
Cc: "Lohitha Chiranjeewa" <kalc04 at gmail.com>, keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Clarification on Remember Me Functionality



I'm confused, what do you actual think the session timeout does? Exactly why do you think that remember-me/session should be valid after the session has timed out?

----- Original Message -----
> From: "Kalinga Dissanayake" <kalinga at leapset.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: "Lohitha Chiranjeewa" <kalc04 at gmail.com>, keycloak-user at lists.jboss.org
> Sent: Wednesday, 29 April, 2015 9:47:50 AM
> Subject: Re: [keycloak-user] Clarification on Remember Me Functionality
> 
> 
> Stian,
> 
> I am having this issue on remember me functionality
> Can you help me getting it sorted?
> 
> I need keycloak to remember me for 2 weeks but i need the session idle
> timeout to be only 20 minutes.
> I tried setting SSO Session Max Lifespan to 14 days and setting SSO Session
> Idle Timeout to 20 minutes.
> But keycloak remember me token expires after 20 minutes! I need the remember
> me token to be valid for 14 days and session idle timeout to be valid for 20
> minutes. :) How can i get this sorted? Setting both parameters to 14 days
> does not work for me :) Any other way forward?
> 
> Kalinga
> 
> -----Original Message-----
> From: "Stian Thorgersen" <stian at redhat.com>
> Sent: Friday, April 10, 2015 2:02pm
> To: "Lohitha Chiranjeewa" <kalc04 at gmail.com>
> Cc: keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] Clarification on Remember Me Functionality
> 
> 
> 
> This is expected behaviour
> 
> ----- Original Message -----
> > From: "Lohitha Chiranjeewa" <kalc04 at gmail.com>
> > To: "Stian Thorgersen" <stian at redhat.com>, keycloak-user at lists.jboss.org
> > Sent: Friday, 10 April, 2015 8:57:19 AM
> > Subject: Re: [keycloak-user] Clarification on Remember Me Functionality
> > 
> > Thanks for the suggestion. I will have to adjust both timeouts according to
> > my needs.
> > 
> > So is this the expected behavior of Keycloak or is there room for an
> > improvement? In my view, Remember Me functionality should work independent
> > of SSO Session Idle Timeout.
> > 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150429/a85268af/attachment.html 


More information about the keycloak-user mailing list