-
Could someone explain the relationship between these two settings? Does one take precedence over the other? What is the session expiry behavior if they are not set to the same value? In general, I would like the Keycloak setting to govern when the client's session is invalidated. Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 3 replies
-
they are not related, they are independent of each other; one tracks the idle time on the Apache/mod_auth_openidc application session, the other tracks the idle time on the Keycloak SSO session; you can set the value to the same timeout, but one does not (and can not) actually govern the other |
Beta Was this translation helpful? Give feedback.
-
see also: https://github.com/zmartzone/mod_auth_openidc/wiki/Sessions-and-Timeouts |
Beta Was this translation helpful? Give feedback.
see also: https://github.com/zmartzone/mod_auth_openidc/wiki/Sessions-and-Timeouts