Configure Service Provider Timeouts


This guide shows how to configure the various timeouts for a Shibboleth Service Provider (SP) session.

Introduction

There are several timeout settings available for an SP's use, all configured by attributes in the Session element of the shibboleth2.xml configuration file.
Attribute
Meaning
lifetime Maximum duration of an SP session, regardless of activity (in seconds)
timeout Maximum inactivity time (in seconds). This is for browser requests that involve the SP, not browser activity in general.
maxTimeSinceAuthn Maximum time allowed (in seconds) between the the act of authentication at the idp and an attempt to access the SP. This can be used to assure that a forced reauthentication was invoked.

See Also

Shibboleth Project's NativeSPSessions reference