Login timeout - refresh with oidc

Hi.

We are using OIDC with Azure AD. The registration process works smoothly. However, I often find that I have to re-register after a short time. That is very annoying while writing articles and doing research in parallel. This can mean some time of doing nothing on the wiki side. And the moment I save, I get a message that I have to re-register. Even visiting an open wiki tab after a while often forces me to re-register.

Who or what determines the duration of a valid login? Is it XWiki, the OIDC extension or Azure AD? Where do I have to poke around to increase the time?

Regards, Simpel

PS: We are using XWiki 17.4.4 and OpenID Connect Authenticator 2.13.1.

None of those. Right now, the fact that a user is authenticated is remembered in the session. So when the session is lost, the HTTP client is not authenticated anymore. What controls the session timeout duration is generally the application server in which you are running XWiki (Tomcat, Jetty, etc.).

Thanks.

Can this be checked by this snippet?

{{velocity}}
## source: https://snippets.xwiki.org/xwiki/bin/view/Extension/GetRequestTimeout
$request.session.getMaxInactiveInterval() s
{{/velocity}}

This API indeed seems to return the configured session timeout.

What do you yourself consider a useful timeout? Ours is 1800 s currently. I find it much too short. This seems to be the default with Tomcat 10. Could it be possible that Tomcat 9 had a longer default?

Honestly, I don’t know, it depends a lot on the kind of activity you have. You should basically wonder how long you or your users plan to stay in edit without clicking save, since that’s your main problem, from what I understand.

That’s what I had in mind too, yes.

Pretty sure it’s the same (and pretty sure it’s very common as a default session timeout, whatever the software).
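
Added example, not part of the thread and not XWiki or Tomcat code: a small Python check that reads the standard `<session-config>` element of a servlet deployment descriptor (web.xml) and converts it to the seconds that `getMaxInactiveInterval()` reports. The sample descriptor is constructed, and the `long_after` threshold is an assumption chosen for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a minimal descriptor in the Jakarta EE namespace
# with a 30-minute timeout, i.e. the 1800 s seen in the thread.
SAMPLE_WEB_XML = """\
<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee" version="6.0">
  <session-config>
    <session-timeout>30</session-timeout>
  </session-config>
</web-app>
"""


def local_name(tag):
    """Drop the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def session_timeout_seconds(web_xml_text):
    """Seconds of allowed inactivity; None if unset; -1 if sessions never expire."""
    root = ET.fromstring(web_xml_text)
    for config in root.iter():
        if local_name(config.tag) != "session-config":
            continue
        for child in config:
            if local_name(child.tag) == "session-timeout":
                # The descriptor value is in minutes.
                minutes = int((child.text or "").strip())
                # Servlet spec: zero or a negative value disables the timeout.
                return minutes * 60 if minutes > 0 else -1
    return None


def describe(web_xml_text, long_after=4 * 3600):
    """One-line summary; long_after is a hypothetical review threshold."""
    seconds = session_timeout_seconds(web_xml_text)
    if seconds is None:
        return "not set in this file: the container default applies"
    if seconds < 0:
        return "sessions never expire from inactivity"
    note = " (long: an unattended browser stays logged in)" if seconds > long_after else ""
    return f"{seconds} s{note}"


if __name__ == "__main__":
    print(describe(SAMPLE_WEB_XML))
```

Raising the value trades convenience against exposure: since the authenticated state lives in the session, a longer timeout also keeps an idle or unattended browser logged in for longer.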