Topic on Extension talk:PluggableAuth

Is there a way to avoid session timeout so quick with AzureAD?

BrunoPenso (talkcontribs)

Hi, I`m using mediawiki 1.34 with PluggableAuth and OpenIDConnect plugins, and after log in using AzureAD the session is expiring very fast.

Is there a way to set a specific time?


MarkAHershberger (talkcontribs)

I think it might have to do with PHP, but pinging @Cindy.cicalese in case she has a better idea.

Cindy.cicalese (talkcontribs)

I've heard that setting $wgObjectCacheSessionExpiry to a larger value such as 24 hours is helpful. I'm also considering ways to expose the Remember Me functionality in core MediaWiki, which may be especially useful in SSO environments.

Mdmallardi (talkcontribs)

Speaking of this, is there any updates about the Remember Me functionality, @Cindy.cicalese?

Cindy.cicalese (talkcontribs)
Mdmallardi (talkcontribs)

Unfortunately, my organization is currently using 1.31.12, and so I would love to see a broken out patch. Thanks!

Mdmallardi (talkcontribs)

As a quick follow up to this, I've tried patchset 10 on mediawiki 1.35.1 with the REL1_35 version of OpenIDConnect, and the OpenIDConnect extension cannot find the PluggableAuth Class to extend. The same happens when I try the HEAD of the master branch for OpenIDConnect.


Cindy.cicalese (talkcontribs)

Yes, unfortunately that patch is not quite ready for testing yet. I hope to get back to working on it soon.

Cindy.cicalese (talkcontribs)

There is now a patch that would add the additional Remember Me behavior. However, it turns out that it needed to be a MediaWiki core patch, since the Remember Me implementation was not sufficiently flexible to allow me to modify it from PluggableAuth. This, sadly, means that it would require a MediaWiki upgrade to get the new behavior, if it is merged. See (talkcontribs)

We had the same Problem with KeyCloak and Wiki Version "1.31.10".

To solve the problem you have to increase the value of the parameter $wgObjectCacheSessionExpiry for example to 8 Hours (28800 seconds). The default value is 3600 seconds.

Cindy.cicalese (talkcontribs)
Lamjon (talkcontribs)

hi, I'm using MW1.34.2, Plugthauth & OpenID connect to Azure AD, the same issue, & users complains too fast to be force logout.

Good news are seems 1.36 would solve it.

Reply to "Is there a way to avoid session timeout so quick with AzureAD?"