...
Luckily, there are ways to solve the problem of expiring application session as we saw in Session Expiration#Preventing chapterĀ Preventing SSO and Application Session Expiration in Session expiration.
|
|---|
| Figure 6. Scenario where web server filter session is longer than application session |
...
This scenario is otherwise similar to the scenario in 4508090471previous chapter, but the SSO session is now refreshed from the application. This refreshing will result in the SSO session lasting longer than the application and web application sessions and thus when web application session ends, no re-authentication is needed from the user to continue using the application (see Figure 7).
...