Re: IDP session timeout

Kevin P. Foote kpfoote at
Tue Aug 20 17:20:03 EDT 2013

Well I guess... 

Kinda depends on which you have set longer. I tend to think of the LoginHandler time as a hard stop at that particular LH since the idea is that you could be running multiple.

sent from mobile

----- Reply message -----
From: "Wessel, Keith" <kwessel at>
To: "Shib Users" <users at>
Subject: IDP session timeout
Date: Tue, Aug 20, 2013 5:11 PM

So, to confirm, Kevin, the session lifetime is an inactivity timer, but the login handler timeout doesn't get reset and is a max session lifetime. That correct?


-----Original Message-----
From: users-bounces at [mailto:users-bounces at] On Behalf Of Kevin P. Foote
Sent: Tuesday, August 20, 2013 3:56 PM
To: Shib Users
Subject: RE: IDP session timeout

On Tue, 20 Aug 2013, Wessel, Keith wrote:

> Yes, I read that page before I posted. But it appears that, at least for the session value, it gets reset after a user visits the IDP from any SP. It's unclear for the login handler timeouts from that page, but I'd expect it's the same: the counter gets reset after each login for that given login handler. Thus my statement about keeping my session alive on the IDP by hitting it every 29 minutes (assuming all SPs use the same login handler, that is).

The LoginHandler time is a hard stop I believe is the way Chad said it before..

To unsubscribe from this list send an email to users-unsubscribe at
To unsubscribe from this list send an email to users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list