Skip to end of metadata
Go to start of metadata

Purpose

This guide shows how to configure the various timeouts for a Shibboleth Service Provider (SP) session.

Introduction

There are several timeout settings available for an SP's use, all configured by attributes in the Session element of the shibboleth2.xml configuration file.

Attribute

Meaning

lifetime

Maximum duration of an SP session, regardless of activity (in seconds)

timeout

Maximum inactivity time (in seconds). This is for browser requests that involve the SP, not browser activity in general.

maxTimeSinceAuthn

Maximum time allowed (in seconds) between the the act of authentication at the idp and an attempt to access the SP. This can be used to assure that a forced reauthentication was invoked.

See Also

Shibboleth Project's NativeSPSessions reference

  • No labels