By: paolo mosconi user 13 Sep 2019 at 11:03 a.m. CDT

2 Responses
paolo mosconi gravatar
In our installation with Apache2 mod_auth_openidc we don't understand how to best set session duration and token lifetime. We would like sessions to be renewed after expiry by redirecting to login page. We are experiencing "stuck" sessions where the browser is not redirected while session id is expired. Thanks in advance paolo

By Mohib Zico Account Admin 18 Sep 2019 at 2:33 a.m. CDT

Mohib Zico gravatar
>> We are experiencing "stuck" sessions where the browser is not redirected while session id is expired. What do you mean by "stuck" session?

By paolo mosconi user 18 Sep 2019 at 5:20 a.m. CDT

paolo mosconi gravatar
The session seems to be expired because mod_auth_openidc sends a redirect 302 to the login page, but the browser doesn't follow the redirection. The only way to proceed is manually deleting the auth cookie from the browser.