[keycloak-user] [KEYCLOAK-2741] Don't remove KEYCLOAK_REMEMBERME cookie when sso session expires. Add timeout for KEYCLOAK_REMEMBERME cookie - JBoss Issue Tracker

Stian Thorgersen sthorger at redhat.com
Tue Aug 16 03:45:51 EDT 2016


Cookie authenticator doesn't start a new session. It can only authenticate
the user if the session is still active.

If you want users to remain authenticated for a longer even when inactive
you should increase the SSO timeout. That's what it's for.

KEYCLOAK-2741 is about remembering the username so the user only has to
provide the password.

On 22 July 2016 at 11:18, Valerij Timofeev <valerij.timofeev at gmail.com>
wrote:

> https://issues.jboss.org/browse/KEYCLOAK-2741
>
> Hi,
>
> are there any concret plans to implement this ticket?
>
> The current implementation does not find any positive feedback by our
> customers. We are even thinking about increasing SSO timeout from 30
> minutes to a couple of days to compensate at least a little bit the current
> drawback. Would this break normal operation of the Keycloak servers?
>
> Would it be enough to implement this ticket to provide full "remember me"
> feature? Can cookie authenticator (auth-cookie) start a new SSO session if
> the initial one is already expired?
>
> Kind regards
> Valerij Timofeev
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160816/45c3e332/attachment.html 


More information about the keycloak-user mailing list