WSO2的会话超时仅适用于';还记得我吗;,否则默认为15分钟
我有WSO2的5+SP1设置,可以在每个会话中持久化会话 但是,未选择“记住我”的用户将在15分钟后被wso2is强制重新验证。这些用户设置了commonAuthId cookie,但没有过期时间(浏览会话结束)。选择“记住我”的用户将获得配置了24小时过期时间的commonAuthId cookie集,15分钟后不会提示重新授权 在这两种情况下,会话序列化/缓存工作正常,因为两个commonAuthId值都将存储在备份数据库的IDN_AUTH_session_STORE表中 对于non-memberme,日志如下所示:WSO2的会话超时仅适用于';还记得我吗;,否则默认为15分钟,wso2,wso2is,Wso2,Wso2is,我有WSO2的5+SP1设置,可以在每个会话中持久化会话 但是,未选择“记住我”的用户将在15分钟后被wso2is强制重新验证。这些用户设置了commonAuthId cookie,但没有过期时间(浏览会话结束)。选择“记住我”的用户将获得配置了24小时过期时间的commonAuthId cookie集,15分钟后不会提示重新授权 在这两种情况下,会话序列化/缓存工作正常,因为两个commonAuthId值都将存储在备份数据库的IDN_AUTH_session_STORE表中 对于non-mem
[2015-07-17 08:16:00,257] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - retrieving authentication request from cache.. {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-17 08:16:00,258] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Initializing the flow {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-17 08:16:00,258] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Framework contextId: 07084e16-7dd9-4726-bf9c-a9a42b06dfe1 {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-17 08:16:00,258] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Starting an authentication flow {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-17 08:16:00,259] DEBUG {org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl} - Loading Basic Application Data of default {org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
[2015-07-17 08:16:00,260] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - commonAuthId cookie is available with the value: 4536ad78-26f5-44cb-97bb-080dfc319d13 {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-17 08:16:00,260] DEBUG {org.wso2.carbon.caching.impl.CacheImpl} - Using local cache {org.wso2.carbon.caching.impl.CacheImpl}
[2015-07-17 08:16:00,285] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Failed to find the SessionContext from the cache. Possible cache timeout. {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
SessionContext SessionContext=FrameworkUtils.getSessionContextFromCache(cookie)
.getValue())
在DefaultRequestCoordinator
中。我只是不知道为什么它会为非RememberMe用户返回null。与此相反,以下是Memberme用户的日志:
[2015-07-20 12:37:47,123] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - retrieving authentication request from cache.. {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,123] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Initializing the flow {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,123] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Framework contextId: a6bb7032-e089-4e8f-8ca4-c2f790a767f4 {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,123] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Starting an authentication flow {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,127] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - commonAuthId cookie is available with the value: c2b28178-ddcb-4156-b258-4e0fb5ffcdb8 {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,127] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Service Provider is: default {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,127] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - A previously authenticated sequence found for the SP: default {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
[2015-07-20 12:37:47,127] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Already authenticated by username: dillon {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
下面是identity.xml和web.xml中设置了超时的相关部分。我们的数据存储是一个Oracle数据库
identity.xml:
<SessionDataPersist>
<PoolSize>0</PoolSize>
<Enable>true</Enable>
<RememberMePeriod>1440</RememberMePeriod>
<CleanUp>
<Enable>true</Enable>
<Period>30</Period>
<TimeOut>720</TimeOut>
</CleanUp>
<Temporary>false</Temporary>
</SessionDataPersist>
...
<SessionContextCache>
<Enable>true</Enable>
<Capacity>100000</Capacity>
</SessionContextCache>
0
真的
1440
真的
30
720
假的
...
真的
100000
web.xml
<session-config>
<session-timeout>720</session-timeout>
</session-config>
720
在WSO2 IS中,您可以在/repository/conf/identity/identity.xml文件中设置SSO会话cookie超时值
您可以找到下面的配置
<TimeConfig>
<SessionIdleTimeout>15</SessionIdleTimeout>
................
15
................