SAML 2.0 Single Sign-On
30 minute time out set somewhere? (3 posts)

  1. annanicotera
    Posted 1 year ago #

    We are using this SAML 2.0 SSO plugin, version 0.9.1, and are using Okta behind it. Okta has a 2 hour session lifetime. We are saving PHP sessions in a Couchbase memcached bucket. Other then memcache as a session handler, php.ini session settings are default. What we are seeing is, when a user is logged in for 30 minutes or more, the Okta SID cookie is not being deleted if a user logs out. So the issue is:
    - userA logs in
    - within 30 minutes logs out, we see the Okta session cookie deleted
    - userB logs in and we see userB is authenticated -- this is expected.

    But if we do:
    - userA logs in
    - AFTER 30 minutes but before 2 hours, userA logs out, we see the Okta session cookie NOT being deleted
    - userB logs in and we see userA is still logged in -- this is NOT expected.

    So we are trying to figure out where this "30" minute setting is, or is there a session timeout within this plugin and if so, where is this being set?

    Thank you.


  2. annanicotera
    Posted 1 year ago #

    I meant to say:
    'Other than memcache...'
    And not:
    'Other then memcache...'

  3. ktbartholomew
    Plugin Author

    Posted 1 year ago #

    The expiration for the plugin's cookie is 2 hours, so I don't think that is the source of the problem. The plugin leans heavily on the SimpleSAMLphp library, so you may also search that project's forums for a potential solution. For example, this link: https://groups.google.com/forum/#!topic/simplesamlphp/EmfvEBfG3yg

    I can't get the above link to paste un-broken...so don't bother clicking it and just copy/paste.

Topic Closed

This topic has been closed to new replies.
