Commit bcd3b636 authored by Drew Blessing's avatar Drew Blessing Committed by Drew Blessing

Lower SAML SSO session expiry to one day

parent be2916d7
...@@ -87,7 +87,7 @@ Please note that the certificate [fingerprint algorithm](#additional-providers-a ...@@ -87,7 +87,7 @@ Please note that the certificate [fingerprint algorithm](#additional-providers-a
With this option enabled, users must go through your group's GitLab single sign-on URL. They may also be added via SCIM, if configured. Users can't be added manually, and may only access project/group resources via the UI by signing in through the SSO URL. With this option enabled, users must go through your group's GitLab single sign-on URL. They may also be added via SCIM, if configured. Users can't be added manually, and may only access project/group resources via the UI by signing in through the SSO URL.
However, users are not prompted to sign in through SSO on each visit. GitLab checks whether a user However, users are not prompted to sign in through SSO on each visit. GitLab checks whether a user
has authenticated through SSO. If it's been more than 7 days since the last sign-in, GitLab has authenticated through SSO. If it's been more than 1 day since the last sign-in, GitLab
prompts the user to sign in again through SSO. prompts the user to sign in again through SSO.
You can see more information about how long a session is valid in our [user profile documentation](../../profile/#why-do-i-keep-getting-signed-out). You can see more information about how long a session is valid in our [user profile documentation](../../profile/#why-do-i-keep-getting-signed-out).
......
---
title: Lower SAML SSO session expiry to one day
merge_request: 54374
author:
type: changed
...@@ -4,7 +4,7 @@ module Gitlab ...@@ -4,7 +4,7 @@ module Gitlab
module Auth module Auth
module GroupSaml module GroupSaml
class SsoEnforcer class SsoEnforcer
DEFAULT_SESSION_TIMEOUT = 7.days DEFAULT_SESSION_TIMEOUT = 1.day
attr_reader :saml_provider attr_reader :saml_provider
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment