Option to continue session if browser / tab is closed · elastic/kibana#36573

(4 留言) (7 反應) (0 負責人)TypeScript (19,065 star) (8,021 fork)batch import

Feature:Security/AuthenticationTeam:Securityenhancementgood first issue

描述

With xpack.security.sessionTimeout, you can extend the session timeout but it will always log out if the tab or browser window is closed. There are many systems (Slack, Skype, etc.) that connect via SSO that will keep the connectivity because the login credentials are kept by the system.

The original user making this request is hooking up Kibana/Elastic to SAML, and are finding that browser restarts always invalidate their sessions. This is as-designed per https://www.elastic.co/guide/en/kibana/current/security-settings-kb.html, but this user would like to have that behavior changed or changeable.

貢獻者指南

技術棧: typescriptreactnodejs
領域: backendsecurityauthentication
議題類型: feature
難度: 3
預計時間: 1-2 days
活動狀態: stale
清晰度: mostly clear
前置要求: Understanding of Kibana session managementKnowledge of SAML authentication
新手友善度: 30
研究方向: Review the current session timeout implementation in Kibana, specifically the xpack.security.sessionTimeout setting and how SAML sessions are handled. Investigate how other systems like Slack persist sessions across browser restarts. Check linked issues and comments for any proposed solutions or related work.