Atlassian uses cookies to improve your browsing experience, perform analytics and research, and conduct advertising. Accept all cookies to indicate that you agree to our use of cookies on your device. Atlassian cookies and tracking notice, (opens new window)
We have need for a session expiration policy that is absolute instead of sliding window. For example, given a setting of idp.session.timeout = PT2H, the SSO session would expire in 2 hours regardless of session activity.
Environment
None
Activity
Marvin AddisonSeptember 3, 2015 at 2:02 PM
Session subpage sounds good.
Scott CantorSeptember 3, 2015 at 1:54 PM
Probably the best top level place for now, but you might want to create a subpage for it like I did with the method selection material to avoid cluttering it too much. A page on session behavior in general would be good.
Marvin AddisonSeptember 3, 2015 at 1:53 PM
Resolved as invalid. No features are required to accommodate the security policy we need.
Marvin AddisonSeptember 3, 2015 at 1:52 PM
Edited
Thanks for the ping. I have been able to accommodate our security policy requirements using the configuration strategy you suggested. I would like to contribute some documentation to the IDP30 wiki that discusses IdP session semantics w/r/t authentication results and provide at least one example. I will add to https://wiki.shibboleth.net/confluence/display/IDP30/AuthenticationConfiguration unless you have a better suggestion.
Scott CantorSeptember 3, 2015 at 12:16 AM
Marvin, you can close once you confirm nothing new is needed here.
We have need for a session expiration policy that is absolute instead of sliding window. For example, given a setting of
idp.session.timeout = PT2H, the SSO session would expire in 2 hours regardless of session activity.