Hi,

I have simplesaml set up in my Drupal 8 project. I am using an sql type session. Everything seems to be working fine. Assertions are being captured and users are able to log in. But my problem is that users get auto logged out every 90 seconds. This is stored in the simplesaml_saml_LogoutStore table. This happens only for SAML users. Is there any way I can avoid the auto logout? I thought the Drupal session would be used after the user is validated through SAML.

config.php:
---------
$config['store.type'] = 'sql';
$config['session.cookie.secure'] = true;
$config['enable.authmemcookie'] = false;
$config['session.cookie.name'] = 'PHPSESSID';

Comments

CIsSharp created an issue.

diamondsea

We ran into this issue as well. While I don't have a true solution, we found a workaround.

The problem for us seemed to be that if a user is automatically provisioned by SAML but has no roles assigned, the IsAuthenticated() check fails (even though it is an authenticated user, it seems to fail the check if they have no other roles assigned).

Our workaround was to add a generic role (like "SAML_Authenticated") that we assign to all SAML users as they are logged in, which prevents the IsAuthenticated() check from failing improperly.

We suspect that the 90-second timeout is coming from our SAML IdP, which expires auth tokens after 90 seconds on the IdP side, but haven't had time to dig into it beyond what I've posted here.

Hope this helps!

Eunicia Estrocio

We are facing a similar issue with version 8.0-3.1 of this module. Is there a solution to prevent session timeout? What does the "SAML_Authenticated" role do?

diamondsea

The SAML_Authenticated role did nothing and had no permissions. We added it only to assign a newly logged-in SAML user a role, because login authentication was failing for users with no assigned roles.

This was 4 years ago and on a project I no longer have access to, and I'm not sure if this is still an issue or not.

robertragas

Also experiencing the exact same issue. The workaround still works, but you do need to add the new role as Local authentication under "Which ROLES should be allowed to login with local accounts?", otherwise the Drupal session will still get destroyed and log you out.

Edit:
In our case it had to do with some of the cookie lifetime settings set to 0, which means they get destroyed as soon as the browser closes.

PCate

In our case it had to do with some of the cookie lifetime settings set to 0, which means they get destroyed as soon as the browser closes.

@robertragas, can you share the specific cookie settings you needed to change? Also, even with the cookie change, did you still need to assign a role other than "Authenticated"?