Re: IDP session timeout
Kevin P. Foote
kpfoote at iup.edu
Tue Aug 20 17:20:03 EDT 2013
Well I guess...
Kinda depends on which you have set longer. I tend to think of the LoginHandler time as a hard stop at that particular LH since the idea is that you could be running multiple.
sent from mobile
----- Reply message -----
From: "Wessel, Keith" <kwessel at illinois.edu>
To: "Shib Users" <users at shibboleth.net>
Subject: IDP session timeout
Date: Tue, Aug 20, 2013 5:11 PM
So, to confirm, Kevin, the session lifetime is an inactivity timer, but the login handler timeout doesn't get reset and is a max session lifetime. That correct?
Keith
-----Original Message-----
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Kevin P. Foote
Sent: Tuesday, August 20, 2013 3:56 PM
To: Shib Users
Subject: RE: IDP session timeout
On Tue, 20 Aug 2013, Wessel, Keith wrote:
> Yes, I read that page before I posted. But it appears that, at least for the session value, it gets reset after a user visits the IDP from any SP. It's unclear for the login handler timeouts from that page, but I'd expect it's the same: the counter gets reset after each login for that given login handler. Thus my statement about keeping my session alive on the IDP by hitting it every 29 minutes (assuming all SPs use the same login handler, that is).
The LoginHandler time is a hard stop I believe is the way Chad said it before..
------
thanks
kevin.foote
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130820/52e1d3c9/attachment-0001.html
More information about the users
mailing list