[prev in list] [next in list] [prev in thread] [next in thread] 

List:       keycloak-user
Subject:    [keycloak-user] (no subject)
From:       jcain () redhat ! com (Josh Cain)
Date:       2016-10-27 13:23:11
Message-ID: 1477574591.3089.61.camel () redhat ! com
[Download RAW message or body]

Interesting - and what of the SAML Use case? ?Typically SAML SP's are
going to consume the assertion and then establish a session with the
end user. ?Seems like a valid use case to notify these consumers so
that there aren't lingering sessions if their expiry happens to be
longer than the IDP.
On Thu, 2016-10-27 at 12:15 +0200, Stian Thorgersen wrote:
> No, there is no notification in this case. Only if user or admin
> actively
> logs out the session.
> 
> As access tokens have short expiration the applications would notice
> the
> session idle in either case when trying to refresh the token, so I
> don't
> think it's needed.
> 
> On 27 October 2016 at 11:29, Rickard ?sterg?rd <rickard.ostergard at gma
> il.com>
> wrote:
> 
> > 
> > Hi,
> > 
> > I have a question about user session expiration.
> > 
> > When the SSO Session Idle or SSO Session Max times are reached the
> > auth
> > server will invalidate the user session. Will the clients that have
> > initiated these session be notified? Hence, are the clients logged
> > out (via
> > the admin url) when the auth server expires a user session?
> > 
> > If not, is this a feature that will be implemented in coming
> > releases ?
> > 
> > Best regards,
> > Rickard
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

[prev in list] [next in list] [prev in thread] [next in thread]