On Thu, May 11, 2017 at 3:21 PM, Illia Alifanov <[email protected]> wrote:
> I have in mind such activity: user works in web app more than > *SessionIdleTimeout* (calls same services, changes data in database). > > > > Can we imitate “user is already authenticated and tries to login again “ > sending > next request (from some service and using sessionDataKey from last > successful authentication request) ? > > > > https://identityserver:9444/passivests?sessionDataKey=bda396 > 56-ed51-4e08-8806-ef12967bed12 > This would not work. 'SessionDataKey' is actually a temporary key used to correlate context information. Based on a suggestion by Malithi, there is an indirect way of doing this via sending a passive oidc request. So the idea is to send a request like https://localhost:9443/oauth2/authorize?response_type=code&client_id=z25ZgPTZRWbNI_ewMdBwUhF1Gbga&redirect_uri=https://localhost/callback&scope=openid&prompt=none via a seperate iframe in the app. Note *promp=none *which helps to skip the consent screen which otherwise needs to be approved explicly by the user for the OIDC auth flow to be completed. What will happen is along with oidc/oauth2 request a cookie name "commonAuthId" will pass to authentication framework of WSO2 Identity Server. Since the commonAuthId will help the IS to identify a existing authenticated session the session will get extended. > > > > > > > *From:* Farasath Ahamed [mailto:[email protected]] > *Sent:* Thursday, May 11, 2017 11:00 AM > > *To:* Illia Alifanov <[email protected]> > *Cc:* [email protected] > *Subject:* Re: [Dev] Identity Server 5.1.0 sliding session time expiration > > > > AFAIK, we do extend the current session if the user is already > authenticated and tries to login again. > > > > What other user activities do you have in mind to based oj which you > intend extend the session? > > On Thursday, May 11, 2017, Illia Alifanov <[email protected]> > wrote: > > Hi. > > You understand correctly - session should be extended based on user > activity. > > Is there any approach in WSO2 Identity Server 5.1 or 5.3? > > > > > > *From:* Farasath Ahamed [mailto:[email protected]] > *Sent:* Wednesday, May 10, 2017 10:48 PM > *To:* Illia Alifanov <[email protected]> > *Cc:* [email protected] > *Subject:* Re: [Dev] Identity Server 5.1.0 sliding session time expiration > > > > Hi *Illia,* > > > > You can increase the session timeout value using configs in [1]. > > IIUC what you mean by a sliding session time is that the session should > get extended based on user activity. Is that correct? > > > > > > [1] https://docs.wso2.com/display/IS510/Configuring+Session+Timeout > > > Farasath Ahamed > > Software Engineer, WSO2 Inc.; http://wso2.com > > Mobile: +94777603866 > > Blog: blog.farazath.com > > Twitter: @farazath619 <https://twitter.com/farazath619> > > [image: Image removed by sender.] <http://wso2.com/signature> > > > > > > > > On Wed, May 10, 2017 at 12:55 PM, Illia Alifanov <[email protected]> > wrote: > > Dear, WSO2 dev-team, > > Help me please with this question about Identity Server 5.1.0 > > > > How we can extend Identity server’s session time. I want to synchronize > sessions between Identity Server and my web application. My goal - is > sliding session time depends on user activity. Do you have the best > practice solution for this case? > > > > > > Regards, > > Illia Alifanov. > > > ------------------------------ > > > This e-mail may contain privileged and confidential information. If you > are not the intended recipient, be aware that any use, disclosure, copying > or distribution of this e-mail or any attachments is prohibited. If you > have received this e-mail in error, please notify us immediately by > returning it to the sender and delete this copy from your system. Thank you. > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > > ------------------------------ > > > This e-mail may contain privileged and confidential information. If you > are not the intended recipient, be aware that any use, disclosure, copying > or distribution of this e-mail or any attachments is prohibited. If you > have received this e-mail in error, please notify us immediately by > returning it to the sender and delete this copy from your system. Thank you. > > > > -- > > Farasath Ahamed > > Software Engineer, WSO2 Inc.; http://wso2.com > > Mobile: +94777603866 > > Blog: blog.farazath.com > > Twitter: @farazath619 <https://twitter.com/farazath619> > > [image: Image removed by sender.] <http://wso2.com/signature> > > > > > > > > ------------------------------ > > This e-mail may contain privileged and confidential information. If you > are not the intended recipient, be aware that any use, disclosure, copying > or distribution of this e-mail or any attachments is prohibited. If you > have received this e-mail in error, please notify us immediately by > returning it to the sender and delete this copy from your system. Thank you. >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
