Details

    • Type: Improvement
    • Status: Open
    • Priority: High
    • Resolution: Unresolved
    • Affects Version/s: 6.12.1
    • Fix Version/s: None
    • Component/s: OAuth, SAML SSO
    • Labels:
    • Environment:

      Artifactory HA with SAML SSO

      Description

      In our Artifactory clusters we have implemented SAML SSO for UI authentication. We have noticed that the default Tomcat web.xml settings for session timeouts are set to 30 minutes.

      The issue comes with the fact that the URI a user is actively on is not stored. So when the web session for Tomcat expires, the user is forced through an SSO check against their SSO provider. The Artifactory SAML plugin is then doing a first-time-authentication type check against the SSO provider and then redirecting the user back to the home page.

      A user will then have to navigate back to their URI again. The only workaround is less secure, which is to try to increase the session timeout to make the forced re-auth to SSO less frequent. This is not a good approach. It would be better for Artifactory to store those session URIs so that the user is returned to the page they were on.
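
The behaviour requested above, sketched as an added example (not Artifactory's code and not the reporter's): on session expiry the server keeps the requested URI under a random token, sends that token as the SAML RelayState, and after re-authentication returns the user to the stored path only if it is a same-site path. `ReturnStore`, `is_local_path`, `HOME`, `TTL_SECONDS` and the sample paths are assumptions made for illustration.

```python
import secrets
import time
from urllib.parse import urlsplit

HOME = "/ui/"        # assumed landing page (hypothetical path)
TTL_SECONDS = 300    # assumed lifetime of a pending return entry


def is_local_path(uri):
    """Accept only same-site paths so a stored value cannot become an open redirect."""
    if not uri.startswith("/") or uri.startswith("//") or "\\" in uri:
        return False
    if any(ord(c) < 0x20 for c in uri):   # reject control characters
        return False
    parts = urlsplit(uri)
    return parts.scheme == "" and parts.netloc == ""


class ReturnStore:
    """Server-side map from an opaque RelayState token to the page the user was on."""

    def __init__(self, now=time.monotonic):
        self._pending = {}
        self._now = now

    def remember(self, requested_uri):
        """Call when an expired session triggers the SSO redirect.

        Returns the value to send as RelayState; the token is 22 characters,
        within the 80-byte RelayState limit of the SAML bindings.
        """
        token = secrets.token_urlsafe(16)
        self._pending[token] = (requested_uri, self._now() + TTL_SECONDS)
        return token

    def resolve(self, relay_state):
        """Call after the SAML response has been validated; returns the redirect target."""
        uri, expires = self._pending.pop(relay_state, (None, 0))  # single use
        if uri is None or self._now() > expires or not is_local_path(uri):
            return HOME   # unknown, stale or unsafe entries fall back to the home page
        return uri
```

Because only the token travels through the browser and the identity provider, the return path never leaves the server and cannot be altered in transit.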

       

       


              People

              • Assignee:
                Unassigned
                Reporter:
                bcherrin Bradley Herrin
              • Votes:
                0
                Watchers:
                1

                Dates

                • Created:
                  Updated: