[LPS-90464] User isn't logged out after SAML Session Idle Timeout or Session Maximum Age is reached - Liferay Issues

XML

Word

Printable

Details

Type: Regression Bug
Status: Closed
Resolution: Won't Fix
Affects Version/s: 7.2.X, Master
Fix Version/s: None
Component/s: Application Security > SAML
Labels:
- SMEQAFP3
- sme-must-7.2

Fix Priority:
4

Description

Steps to reproduce:

Setup IdP and SP
On Identity Provider page, set the Session Idle Timeout to 180 and the Session Maximum Age to 300
Log out and log back in
Idle for 3 minutes (180 seconds)
Wait another 2 minutes (300 seconds total)

Expected result:
Expected to be logged out at Step 4 and Step 5

Actual result:
User is still logged in.

Reproduced on:
Tomcat 9.0.10 + MySQL 5.7.25
Portal master-private GIT ID: a9592e2d7fea42208023d053f0e6fedf4f6a2380

Attachments

Issue Links

Testing discovered

LPS-95317 SAML session expiration causes IdP portal session to expire

Closed

Activity

People

Assignee:: Timothy Pak

Reporter:: Timothy Pak

Participants of an Issue:: Carlos Sierra, Timothy Pak

Recent user:: Timothy Pak

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 12/Feb/19 5:13 PM

Updated:: 09/May/19 6:04 PM

Resolved:: 09/May/19 6:19 AM

Days since last comment:: 3 years, 8 weeks, 4 days ago

Packages

Version	Package