vished2000
Reputation: 148
How do I set the session timeout with Pac4j / Shiro?
I have a simple question: How do I set the session timeout? Currently it seems my session is expired after max. 60 minutes, but I thout I have defined it for 10 hours...
in my shiro.ini I have this:
sessionManager =org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionIdCookie =$sessionIdCookie
sessionManager.sessionIdCookieEnabled =true
securityManager.sessionManager= $sessionManager
# 3,600,000 milliseconds = 1 hour -> set to 10 hours
sessionManager.globalSessionTimeout= 36000000
In Keycloak I have this:
And is there anything to defined also in the web.xml, like:
<!-- sets the default session timeout to 480 minutes. -->
<session-config>
<session-timeout>480</session-timeout>
</session-config>
Upvotes: 0
Views: 98
Answers (1)
jleleu
Reputation: 2699
The pac4j ShiroSessionStore relies on the Shiro session: SecurityUtils.getSubject().getSession(createSession) so it should expire as defined. Turn on DEBUG logs on org.pac4j to see what's going on.
Upvotes: 0
Related Questions
- PKCE verification failed: Code mismatch with Apache Shiro and Pac4j
- KeycloakOidcConfiguration load during application start and load values from database
- Shiro Subject filled with Pac4j?
- Redirect to requested URL after successful login with Pac4j / Shiro
- Get UserProfile / Information after successful authentication
- Keycloak, Apache Shiro and Pac4j installation / configuration
- Pac4j with Shiro and Keycloak - how can I manage my Permissions (Authorization)