[ https://issues.apache.org/jira/browse/AIRAVATA-2507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16200920#comment-16200920 ]
ASF subversion and git services commented on AIRAVATA-2507: ----------------------------------------------------------- Commit b8aaabc694bbea95fbd6647a95a9c1f9cda769f7 in airavata's branch refs/heads/develop from [~marcuschristie] [ https://git-wip-us.apache.org/repos/asf?p=airavata.git;h=b8aaabc ] Merge branches 'AIRAVATA-2507' and 'AIRAVATA-2508' > Increase Keycloak access token lifetime from default of 5 minutes > ----------------------------------------------------------------- > > Key: AIRAVATA-2507 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2507 > Project: Airavata > Issue Type: Bug > Components: PGA PHP Web Gateway > Affects Versions: 0.18 > Reporter: Marcus Christie > Assignee: Marcus Christie > > Default Keycloak Access token lifetime is 5 minutes. This means if the user > is idle in the PGA for 5 minutes or more then they get logged out and can't > successful submit their work. In some cases this means the user loses work. > Here is [documentation on various timeouts in > Keycloak|http://www.keycloak.org/docs/2.5/server_admin/topics/sessions/timeouts.html]. > I think two are relevant here: > * Access Token Lifespan - this is the main one that affects access token > lifetime. I think we should make this 30 minutes (at least). > * SSO Session Idle - this timeout also affects access token lifetime. It > defaults to 30 minutes. It resets whenever there is an authentication or the > use of a refresh token. Thus, Keycloak recommends that the Access Token > Lifespan be less than the SSO Session Idle. I think we should make SSO > Session Idle to 1 hour. -- This message was sent by Atlassian JIRA (v6.4.14#64029)