Since this seems to be valid requirement to have I created a JIRA[1] to track this.
[1] https://wso2.org/jira/browse/IDENTITY-5933 Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Sat, May 13, 2017 at 9:25 PM, Farasath Ahamed <[email protected]> wrote: > > On Thu, May 11, 2017 at 3:21 PM, Illia Alifanov <[email protected]> > wrote: > >> I have in mind such activity: user works in web app more than >> *SessionIdleTimeout* (calls same services, changes data in database). >> >> >> >> Can we imitate “user is already authenticated and tries to login again “ >> sending >> next request (from some service and using sessionDataKey from last >> successful authentication request) ? >> >> >> >> https://identityserver:9444/passivests?sessionDataKey=bda396 >> 56-ed51-4e08-8806-ef12967bed12 >> > > This would not work. 'SessionDataKey' is actually a temporary key used to > correlate context information. > > Based on a suggestion by Malithi, there is an indirect way of doing this > via sending a passive oidc request. So the idea is to send a request like > https://localhost:9443/oauth2/authorize?response_type=code&; > client_id=z25ZgPTZRWbNI_ewMdBwUhF1Gbga&redirect_uri= > https://localhost/callback&scope=openid&prompt=none via a > seperate iframe in the app. Note *promp=none *which helps to skip the > consent screen which otherwise needs to be approved explicly by the user > for the OIDC auth flow to be completed. > > What will happen is along with oidc/oauth2 request a cookie name > "commonAuthId" will pass to authentication framework of WSO2 Identity > Server. Since the commonAuthId will help the IS to identify a existing > authenticated session the session will get extended. > > >> >> >> >> >> >> >> *From:* Farasath Ahamed [mailto:[email protected]] >> *Sent:* Thursday, May 11, 2017 11:00 AM >> >> *To:* Illia Alifanov <[email protected]> >> *Cc:* [email protected] >> *Subject:* Re: [Dev] Identity Server 5.1.0 sliding session time >> expiration >> >> >> >> AFAIK, we do extend the current session if the user is already >> authenticated and tries to login again. >> >> >> >> What other user activities do you have in mind to based oj which you >> intend extend the session? >> >> On Thursday, May 11, 2017, Illia Alifanov <[email protected]> >> wrote: >> >> Hi. >> >> You understand correctly - session should be extended based on user >> activity. >> >> Is there any approach in WSO2 Identity Server 5.1 or 5.3? >> >> >> >> >> >> *From:* Farasath Ahamed [mailto:[email protected]] >> *Sent:* Wednesday, May 10, 2017 10:48 PM >> *To:* Illia Alifanov <[email protected]> >> *Cc:* [email protected] >> *Subject:* Re: [Dev] Identity Server 5.1.0 sliding session time >> expiration >> >> >> >> Hi *Illia,* >> >> >> >> You can increase the session timeout value using configs in [1]. >> >> IIUC what you mean by a sliding session time is that the session should >> get extended based on user activity. Is that correct? >> >> >> >> >> >> [1] https://docs.wso2.com/display/IS510/Configuring+Session+Timeout >> >> >> Farasath Ahamed >> >> Software Engineer, WSO2 Inc.; http://wso2.com >> >> Mobile: +94777603866 >> >> Blog: blog.farazath.com >> >> Twitter: @farazath619 <https://twitter.com/farazath619> >> >> [image: Image removed by sender.] <http://wso2.com/signature> >> >> >> >> >> >> >> >> On Wed, May 10, 2017 at 12:55 PM, Illia Alifanov < >> [email protected]> wrote: >> >> Dear, WSO2 dev-team, >> >> Help me please with this question about Identity Server 5.1.0 >> >> >> >> How we can extend Identity server’s session time. I want to synchronize >> sessions between Identity Server and my web application. My goal - is >> sliding session time depends on user activity. Do you have the best >> practice solution for this case? >> >> >> >> >> >> Regards, >> >> Illia Alifanov. >> >> >> ------------------------------ >> >> >> This e-mail may contain privileged and confidential information. If you >> are not the intended recipient, be aware that any use, disclosure, copying >> or distribution of this e-mail or any attachments is prohibited. If you >> have received this e-mail in error, please notify us immediately by >> returning it to the sender and delete this copy from your system. Thank you. >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> >> >> >> ------------------------------ >> >> >> This e-mail may contain privileged and confidential information. If you >> are not the intended recipient, be aware that any use, disclosure, copying >> or distribution of this e-mail or any attachments is prohibited. If you >> have received this e-mail in error, please notify us immediately by >> returning it to the sender and delete this copy from your system. Thank you. >> >> >> >> -- >> >> Farasath Ahamed >> >> Software Engineer, WSO2 Inc.; http://wso2.com >> >> Mobile: +94777603866 >> >> Blog: blog.farazath.com >> >> Twitter: @farazath619 <https://twitter.com/farazath619> >> >> [image: Image removed by sender.] <http://wso2.com/signature> >> >> >> >> >> >> >> >> ------------------------------ >> >> This e-mail may contain privileged and confidential information. If you >> are not the intended recipient, be aware that any use, disclosure, copying >> or distribution of this e-mail or any attachments is prohibited. If you >> have received this e-mail in error, please notify us immediately by >> returning it to the sender and delete this copy from your system. Thank you. >> > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
