SP timing out after 60 minutes.
Ragadeep Sriperumbudur
ragadeep99 at hotmail.com
Wed Mar 27 12:05:42 EDT 2013
The driving factor for the client to send that attribute is to have the
principal authenticate against the IdP before going to the next SP
application. So, they are setting a shorter span session for the user in the
SessionNotOfAfter. The client wants the SP to manage our own session expiry
length independent of their settings. I know, its clear as per the SAML
standard SP honors the IdP settings.
Is there an alternative way that the IdP does not send the
SessionNotOnOrAfter but still requires the principal authenticate before
accessing another SP application?
--
View this message in context: http://shibboleth.1660669.n2.nabble.com/SP-timing-out-after-60-minutes-tp7584660p7585701.html
Sent from the Shibboleth - Users mailing list archive at Nabble.com.
More information about the users
mailing list