Shibboleth session vs Application session
Cantor, Scott
cantor.2 at osu.edu
Tue Dec 16 15:07:29 EST 2014
On 12/16/14, 7:56 PM, "Sathish Anickode"
<SAnickode at skytouchtechnology.com> wrote:
>Thanks for your detailed reply. I was thinking of implementing exactly
>the same steps that you had outlined below to solve our needs. To refresh
>the user session, I am currently thinking of setting the authentication
>duration to a longer suration (e.g. 4 hrs) and session timeout to 15
>mins. We then need a one page session refresh app that is stateless but
>accessed periodically from our custom applications while the user is
>actively using the app. However, I feel exposing an api or a page in the
>IdP to touch the user session that can be invoked from our app will be a
>better solution than creating a single page application. Is it possible
>to add such a support in IdP?
No idea. Seems like you'd have to actually get the session to think it had
been accessed, and I don't know the code offhand well enough to say what
it takes to do that. Maybe it happens any time the session filter thingy
runs.
-- Scott
More information about the users
mailing list