One of the most pressing challenges facing businesses today is deciding…
Control session time of businesses using SAML
What’s new:
Vào tháng 3, Google released cài đặt cho phép admin G Suite Business (Google Workspace Business), Enterprise và Education chỉ định thời lượng phiên truy cập trên web – Session length control for Google services (for example, four hours, seven days, or infinity). At the time, this setting only applied to domains for which Google was responsible for credentials (i.e., where Google was an Identity provider). Google is now expanding the reach of this setting, making it possible for domains associated with another Identity Provider (IdP) using SAML to still control access duration.
Note that these settings apply to all desktop web browser sessions, as well as some mobile browser session. Mobile-specific apps, like Gmail for Android and iOS, are unaffected by these settings.
May 7, 2018: Clear session-based cookies
Previously, to be able to control the duration of sessions for G Suite customers' preferred IdP providers, Google set cookies for sessions by associating these sessions with another IdP via SAML under transient or session. These cookies are designed to expire whenever the browser is closed, meaning the user will again be redirected to their primary IdP whenever they reopen the browser and visit a Google website. .
However, over time, this behavior has become increasingly inconsistent across browsers. Google sees that G Suite admins are better served with more explicit session length controls, like the ones Google just launched. Unlike session cookies, these controls apply to whatever browser the user uses.
With this in mind, Google will delete session cookies that a G Suite user has associated with another IdP via SAML on May 7, 2018. Please consider this. custom session duration settings for the business if its workflow depends on it.
Repeat previous actions
If sessions end when a browser is closed, and you find it extremely important to repeat your previous actions, you can change the browser settings on the affected devices, to The goal is to delete all local data when exiting that browser. Instructions for setting up Chrome settings can be found at this. To make this policy cross-device, you can use multiple policies for Chrome to build transient modes.
Updated: Gimasys
Related Posts
