mirrors/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-25 16:42:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Removing the extra two-minute Window for persistent user sessions (#32660)

Browse Source 
Closes #28418

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
This commit is contained in:
Alexander Schwartz
2024-09-09 09:28:48 +02:00
committed by GitHub
parent e1d5f0c871
commit b88ecc0237
7 changed files with 29 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/documentation/server_admin/topics/sessions/timeouts.adoc
View File

@@ -93,6 +93,8 @@ image:images/tokens-tab.png[Tokens Tab]
[NOTE]
====
The following logic is only applied if persistent user sessions are not active:
For idle timeouts, a two-minute window of time exists that the session is active. For example, when you have the timeout set to 30 minutes, it will be 32 minutes before the session expires.
This action is necessary for some scenarios in cluster and cross-data center environments where the token refreshes on one cluster node a short time before the expiration and the other cluster nodes incorrectly consider the session as expired because they have not yet received the message about a successful refresh from the refreshing node.