Session timeout settings does not apply

[Leon Van Eeden]

Good day,

We need to set the session timeout for for WebADM to 1 week but it doesn't seem to work.

We've set the webadm webapps session time to 604800 (1 week) and restarted webadm but it doesn't work

After I log in :

Shows 1 hour

In the webadm base settings UI I can see the value I set, but it is not applied

15:17

In the SSO settings UI there is a dropdown to configure it, but the max time is 1 day, which is not sufficient, I therefore want to set it in the config file

Kind regards,

Leon van Eeden

[Yoann Traut (RCDevs)]

Hello,

The settings for web application (webapps) sessions and Single Sign-On (SSO) session timeouts are entirely independent.

The webapps session is linked to the timeout of the respective web application. Once a user has been successfully authenticated, the associated cookie remains valid, allowing access to the webapps throughout the webapp session's duration.

The SSO session timeout applies to authenticated users on our SAML/OpenID Identity Provider (IDP). It defines the duration of the SSO session validity. Within this timeframe, the user is not prompted to re-authenticate on the Identity Provider, even if another Service Provider requests authentication.

Regards

[Leon Van Eeden]

Hi,

Is there a way for this setting to be increased from 1 day to 1 week? Maybe a setting in a config file? (As per attached screenshot)

Regards,

Leon

--
You received this message because you are subscribed to the Google Groups "RCDevs Security" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rcdevs-technic...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rcdevs-technical/50ec01f4-44d4-4439-9246-cb3b4914c6cbn%40googlegroups.com.

[Yoann Traut (RCDevs)]

Hello, 

Which timeout do you want to increase exactly? 

The IDP session timeout or the web application (PWReset, SelfDesk, SelfReg...) timeout? 

Regards