# # Environment # UCS: 5.0-9 errata1126 Installed: admin-dashboard=3.0 admindiary-backend=1.0 admindiary-frontend=1.0 fetchmail=6.3.26 keycloak=25.0.1-ucs2 letsencrypt=2.0.0-2 mailserver=12.0 nextcloud=28.0.7-0 office365=5.10 ox-connector=2.2.13 oxseforucs=7.10.6-ucs11 prometheus-node-exporter=2.0.1 samba4=4.16 self-service=5.0 self-service-backend=5.0 4.4/prometheus=2.35.0-5 # # Description # Adjusting the UCR-variable 'umc/http/session/timeout' doesn't have any effect. I tried obscure values like '10' and restarted the UMC after the change. The change is reflected in the file '/var/www/univention/meta.json' but a timeout is not happening.
Thanks for the report. By change I just read that `umc/http/session/timeout` is ignored when using SAML (I guess because in that case the `umc/saml/assertion-lifetime` is relevant), can you tell me how you logged in?
Addendum: The problem does NOT occur when using the local login: https://primary.tierheim.intranet/univention/login/?location=/univention/portal/ BUT when using SAML SSO (which currently is configured to use Keycloak): https://primary.tierheim.intranet/univention/saml/?location=/univention/portal/
umc/http/session/timeout is only relevant for plain login. For SAML umc/saml/assertion-lifetime changes the validity of the lifetime of the SAML assertion. However this also doesn't affect the session lifetime, since there is a invisible renewal of this assertion in the UMC. The actual session length here is given by the IDP (SimpleSamlPHP or Keycloak)