Reputation: 121
WSO2 Authentication, adding/modifing timeout to the RememberMe cookie
I am using WSO2 Identity Server 4.1.0 for user authentication.
When using the AuthenticationAdmin, I am able to use the loginWithRememberMeOption to retrieve a 'RememberMe' cookie, for instance: admin-b55cdc95-a27e-4e3e-9906-76c18b8437c5
I see in the SOAP response that the cookie has a maxAge of 604800. Does this mean that the RememberMe cookie will be unvalidated after 604800ms / 10 mins?
I tried checking the validity of the cookie after 10 minutes by using the loginwithRememberMeCookie operation. But also after 10 minutes, the result was 'true', indicating that the user was still logged in.
Is it possible to add or modify a timeout, so that the session becomes inactive? If so, where can I modify this?
Upvotes: 0
Views: 417
Answers (1)
Reputation: 1905
The RememberMe cookie time is in seconds. So, 604800 seconds mean 7 days.
AFAIK, this value cannot be modified.
Session will time out after the session expiry time. You can change the session time out value. But you can still login with remember me cookie.
Upvotes: 1
Related Questions
- Wso2 saml grant how session timeout will work
- What is default WSO2IS user session timeout period
- Authentication error because of session timeout on login page of WSO2IS
- Handle Token Expiration in WSO2
- wso2is session timeouts only working with 'Remember Me', otherwise default to 15 minutes
- Change WSO2AM API token timeouts
- how to config session timeout separately for each service provider in WSO2 identity server?
- WSO2IS: SSO session timeout doesn't work
- How to set access timeout for Web APP in WSO2?
- How do I increase session timeout with W.I.F / SAML tokens / FedAuth cookie