KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me#5718
Merged
mposolda merged 1 commit intokeycloak:masterfrom Nov 15, 2018
Merged
KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me#5718mposolda merged 1 commit intokeycloak:masterfrom
mposolda merged 1 commit intokeycloak:masterfrom
Conversation
Previously remember-me sessions where tied to the SSO max session timeout which could lead to unexpected early session timeouts. We now allow SSO timeouts to be configured separately for sessions with enabled remember-me. This enables users to opt-in for longer session timeouts. SSO session timeouts for remember-me can now be configured in the tokens tab in the realm admin console. This new configuration is optional and will tipically host values larger than the regular max SSO timeouts. If no value is specified for remember-me timeouts then the regular max SSO timeouts will be used. Work based on PR keycloak#3161 by Thomas Darimont <[email protected]>
Contributor
Author
|
@mposolda Had to make a small change to one of the tests that failed on travis. Just updated the PR |
mposolda
approved these changes
Nov 14, 2018
Contributor
|
@keycloak-ci-bot test |
|
@mposolda Job is scheduled |
Contributor
|
@keycloak-ci-bot test |
|
@mposolda Job is scheduled |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR #3161 by
Thomas Darimont [email protected]. Review by Stian
on the original PR was used as a guideline for the necessary changes,
including:
Link for the PR that updates the documentation: keycloak/keycloak-documentation#515