[keycloak-user] [KEYCLOAK-2741] Don't remove KEYCLOAK_REMEMBERME cookie when sso session expires. Add timeout for KEYCLOAK_REMEMBERME cookie - JBoss Issue Tracker

Stian Thorgersen sthorger at redhat.com
Thu Aug 18 00:16:35 EDT 2016


We don't have any plans to work on it ourselves, but would happily accept a
contribution. It would need to take the approach of different SSO max/idle
values for remember me rather than simply ignoring idle as initially
proposed.

On 17 August 2016 at 17:53, Valerij Timofeev <valerij.timofeev at gmail.com>
wrote:

> Thank you Stian.
>
> We will try SSO time-out of 3 days to workaround the current limitation of
> the "remember me" function.
>
> More optimal solution would be https://issues.jboss.org/
> browse/KEYCLOAK-1267
> Are there any plans to work on it?
>
> 2016-08-16 9:45 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:
>
>> Cookie authenticator doesn't start a new session. It can only
>> authenticate the user if the session is still active.
>>
>> If you want users to remain authenticated for a longer even when inactive
>> you should increase the SSO timeout. That's what it's for.
>>
>> KEYCLOAK-2741 is about remembering the username so the user only has to
>> provide the password.
>>
>> On 22 July 2016 at 11:18, Valerij Timofeev <valerij.timofeev at gmail.com>
>> wrote:
>>
>>> https://issues.jboss.org/browse/KEYCLOAK-2741
>>>
>>> Hi,
>>>
>>> are there any concret plans to implement this ticket?
>>>
>>> The current implementation does not find any positive feedback by our
>>> customers. We are even thinking about increasing SSO timeout from 30
>>> minutes to a couple of days to compensate at least a little bit the current
>>> drawback. Would this break normal operation of the Keycloak servers?
>>>
>>> Would it be enough to implement this ticket to provide full "remember
>>> me" feature? Can cookie authenticator (auth-cookie) start a new SSO session
>>> if the initial one is already expired?
>>>
>>> Kind regards
>>> Valerij Timofeev
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160818/631887e7/attachment.html 


More information about the keycloak-user mailing list