Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

In this Discussion

Please upgrade here. These earlier versions are no longer being updated and have security issues.

jsConnect/SSO - How to invalidate session?

Hey all,

I am using jsConnect and the Auto-signin/out plugin to integrate with my existing website. The issue is that on my existing website, if the users session expires after 2 hours, that user is STILL showing as logged into the Vanilla Forums. What can I do to solve this? How can I make jsConnect authenticate on every request to make sure things stay in-sync?

Comments

  • LincLinc Director of Development Detroit Vanilla Staff

    Vanilla does not currently have a proper session to invalidate. Limiting your cookie validation window to a shorter timeframe would be one way to accomplish something similar. Generally, you don't want SSO validating on every request as that would become tremendously expensive.

  • That seems like an important piece that is missing in jsConnect/Vanilla that there is not a method to keep the sessions in-sync. Thanks for your comments though

Sign In or Register to comment.