1 2 Previous Next 21 Replies Latest reply on Jul 31, 2014 3:39 PM by pferraro

    Wildfly SSO, does it support session timeout and logout?


      Hi everyone,


      I'm using the Single-sign On feature on Wildfly 8.1.0.Final. I have a non-clustered environment - the SSO is used to login a user

      across different context roots: multiple WARs deployed on the same WildFly instance. The login process works fine, I get a

      JSESSIONIDSSO cookie and the user can access all context roots without the need to login more than once. What I don't know

      is how to achive logout/session timeout functionally...


      Question 1:

      Is there a way to set a session timeout on the SSO session? Right now, when the session timeout occurs on one of my servlets

      the user is still logged in (it has a valid JESESSIONIDSSO, and the SSO module just creates a new session automatically).


      Question 2:

      Is there a way to invalidate the SSO session programatically? The same way you can invalidate a regular session by invoking





      <subsystem xmlns="urn:jboss:domain:undertow:1.1">
                  <buffer-cache name="default"/>
                  <server name="default-server">
                      <http-listener name="default" socket-binding="http"/>
                      <host name="default-host" alias="localhost">
                          <location name="/" handler="welcome-content"/>
                          <single-sign-on path="/" />



        1 2 Previous Next