Transientid and session timeout

Peter Schober peter.schober at
Mon Feb 19 07:24:53 EST 2018

* Julian Williams <julian.williams at> [2018-02-19 13:13]:
> In our environment both idp.authn.defaultLifetime and
> idp.authn.defaultTimeout are not changed from the default values, 60 &
> 30min respectively according to the docs[0]. So we'd still expect
> re-authentication after 60min but this hidden from the users in our
> environment as we have Shibboleth sitting on top of another SSO layer
> that uses Stanford WebAuth which has a much longer SSO session. So
> currently the 60min session timeout is only causing a problem for SLO
> requests.

Did you change this setting in

# Extra time to store sessions for logout
#idp.session.slop = PT0S


More information about the users mailing list