Session across domains
A Limawi session is transfered across Limawi subdomains using OpenID.
The session is started from the domain limawi.io and can be extended to the subdomain blog.limawi.io.
The session on blog.limawi.io is normally started when a session exists on limawi.io using a cookie asking for a redirection to fetch the OpenID credentials.
These sessions are automatically checked every minute with a client ajax polling. The client ajax polling on blog.limawi.io checks if the session is on the way on the two domains.
On the page “Profile”, “Security”, all your sessions are listed. You can easily revoke them via a “Close” button appending to each session.
These sessions list shows the IP used to access the session and when the session was started.
On the most a session lasts on the client for a maximum of 8 hours.
On the server the session is revoked after 8 hours of inactivity.
Create your secure network