The behaviour of SSO is as such...
When user A selects NO for “Stay
signed in” prompt, the password will NOT be cached but session cookie lifetime
is still 24 hours.
If user A logs out the session,
other user has no access to the previous session.
However, if user A doesn’t close
the internet browser without logging out, another user still can access to user
A’s data within 24 hours.
On the other hand, when user A
selects YES for “Stay signed in” prompt, the password will be cached (default 90
days).
Another user from the same
workstation will has access to user A session regardless whether user A closes
the internet browser or completely logs out the session.
No comments:
Post a Comment