Hi all, I have taken over looking into this issue <https://wso2.org/jira/browse/STORE-875> in ES pack. As of now we have decided to increase this session-timeout duration to a higher value. We can achieve that by setting "SessionIdleTimeout"(default 15 min) to a higher value in identity.xml. But we cannot override this value coming from IS-components, since "SessionIdleTimeout" is not parameterized. As a workaround, we are going to maintain a local copy of identity.xml in ES repository with this particular value increased.
Can we get "SessionIdleTimeout" entry parameterized from IS side, so that we can override it at build time? Or any other better way to do this? [1] https://wso2.org/jira/browse/STORE-875 Thanks! -Ayesha On Thu, Jul 16, 2015 at 5:31 PM, Johann Nallathamby <[email protected]> wrote: > Hi Manu, > > Sorry couldn't give a timely update in the thread. > > We discussed this internally with the presence of Tanya from UES as well. > We concluded that this is not a blocker or not very easily reproducible by > a single user at a browser without help of automating the interactions. > This could only happen if there is a huge network delay. > > Implementing this stuff will take a considerable time. None of our users > have faced any issue so far. We will consider this for a future release. > > Also Thanuja is currently developing some thing for IS 5.1.0 where if > something like this occurs, the user won't land in an error page but > instead land in a logged out page of the Identity Server. > > Thanks. > > On Thu, Jul 16, 2015 at 11:54 AM, Manuranga Perera <[email protected]> wrote: > >> Hi IS team, >> How is the progress on this issue? We need this fix soon for the RC1 >> release. >> >> On Mon, Jun 15, 2015 at 7:02 PM, Ruchira Wageesha <[email protected]> >> wrote: >> >>> >>>> >>>> We have following concern with the above suggested approach. >>>> Say we make the call1 and then receive the response 1 as the session >>>> still exists. But between the time that we make the call2, session gets >>>> expired. (since these are network calls and delays may occur.) >>>> So at that point we face the same original problem again. >>>> >>>> Isn't the proper approach is to send a logout response from the >>>> identity side with a proper message (no session exists) to the application >>>> side rather than breaking the flow in the middle? >>>> >>> @IS Team, >>> >>> Can you please share your thoughts on this and any fixes if needed >>> please :). >>> >>>> >>>> Senior Software Engineer, >>>> WSO2 Inc. : wso2.com >>>> Mobile : +94718184439 >>>> Blog : http://tanyamadurapperuma.blogspot.com >>>> >>> >>> >>> >>> -- >>> >>> *Ruchira Wageesha**Technical Lead* >>> *WSO2 Inc. - lean . enterprise . middleware | wso2.com >>> <http://wso2.com>* >>> >>> *email: [email protected] <[email protected]>, blog: >>> ruchirawageesha.blogspot.com <http://ruchirawageesha.blogspot.com>, >>> mobile: +94 77 5493444 <%2B94%2077%205493444>* >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> With regards, >> *Manu*ranga Perera. >> >> phone : 071 7 70 20 50 >> mail : [email protected] >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Integration Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Ayesha Dissanayaka* Software Engineer, WSO2, Inc : http://wso2.com <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> 20, Palmgrove Avenue, Colombo 3 E-Mail: [email protected] <[email protected]>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
