I have a running productive WSO2 Identity Server (Version wso2is-5.6.0) and a new clean testing instance (Version 5.9.0) and using identity providers with 2Factor authentication. (basic and totp).
When both of them are active, the "rember me" function doesn't work anymore. When i disable the totp authentication, the "Remember Me" function works and the Session keeps active when the Browser is closed.
Does anybody know, if that's a configuration issue, a error or just doesn't work like that?
Configuration in the deployment.toml:
[session_data.persistence]
enable_persistence = true
persist_temporary_data = true
persistence_pool_size = "0"
[session_data.cleanup]
enable_expired_data_cleanup = true
expire_session_data_after = "14d"
clean_expired_session_data_every = "1d"
clean_expired_session_data_in_chunks_of = "8192"
clean_logged_out_sessions_at_immediate_cycle = "true"
enable_pre_session_data_cleanup = true
pre_session_data_cleanup_thread_pool_size= "20"
expire_pre_session_data_after= "40m"
This is the bug in the product. Thank you for reporting this. I have created a git issue to track and fix this. We will fix this in the next weekly release.