diff --git a/config-templates/config.php b/config-templates/config.php index 4c2cc0af533fb0ff3dfcf886eafa975b89e56abb..d43a1c0659b606193af3011bb250c4e427b3dc22 100644 --- a/config-templates/config.php +++ b/config-templates/config.php @@ -122,6 +122,13 @@ $config = array ( */ 'session.duration' => 8 * (60*60), // 8 hours. 'session.requestcache' => 4 * (60*60), // 4 hours + + /* + * Sets the duration, in seconds, data should be stored in the datastore. As the datastore is used for + * login and logout requests, thid option will control the maximum time these operations can take. + * The default is 4 hours (4*60*60) seconds, which should be more than enough for these operations. + */ + 'session.datastore.timeout' => (4*60*60), // 4 hours /* * Options to override the default settings for php sessions. diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php index d12c13eb811ce1e8ab4a6cc5c177b327180f0639..57bf199956c57b9b99e8a4ca7a0f29b731eeef4a 100644 --- a/lib/SimpleSAML/Session.php +++ b/lib/SimpleSAML/Session.php 
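Review bot: The new comment above `'session.datastore.timeout'` states a fixed 4-hour default, but the setData() change in lib/SimpleSAML/Session.php falls back to `session.requestcache` when this option is absent, so an upgraded installation without the new key gets whatever that option holds. I would add a line such as `* If unset, the value of 'session.requestcache' is used instead (4 hours when neither is set).` The same comment has a typo: `thid option` should read `this option`. Because this value bounds how long stored login and logout state stays usable in the session, the comment could also advise keeping it no longer than the slowest expected flow.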
@@ -551,17 +551,40 @@ class SimpleSAML_Session { * * @param $type The type of the data. This is checked when retrieving data from the store. * @param $id The identifier of the data. - * @param $timeout The number of seconds this data should be stored after its last access. * @param $data The data. + * @param $timeout The number of seconds this data should be stored after its last access. + * This parameter is optional. The default value is set in 'session.datastore.timeout', + * and the default is 4 hours. */ - public function setData($type, $id, $timeout, $data) { + public function setData($type, $id, $data, $timeout = NULL) { assert(is_string($type)); assert(is_string($id)); - assert(is_int($timeout)); + assert(is_int($timeout) || is_null($timeout)); /* Clean out old data. */ $this->expireData(); + if($timeout === NULL) { + /* Use the default timeout. */ + + $configuration = SimpleSAML_Configuration::getInstance(); + + $timeout = $configuration->getValue('session.datastore.timeout', NULL); + if($timeout !== NULL) { + if(!is_int($timeout) || $timeout <= 0) { + throw new Exception('The value of the session.datastore.timeout' . + ' configuration option should be a positive integer.'); + } + } else { + /* For backwards compatibility. */ + $timeout = $configuration->getValue('session.requestcache', 4*(60*60)); + if(!is_int($timeout) || $timeout <= 0) { + throw new Exception('The value of the session.requestcache' . + ' configuration option should be a positive integer.'); + } + } + } + $dataInfo = array('expires' => time() + $timeout, 'timeout' => $timeout, 'data' => $data); if(!is_array($this->dataStore)) { diff --git a/www/saml2/idp/SingleLogoutService.php b/www/saml2/idp/SingleLogoutService.php index e9a3f3f8c9ce9858452abbdc21977ae648b61240..77d0d46f0409cd1e1c8af6c96ee8ba9955225712 100644 --- a/www/saml2/idp/SingleLogoutService.php +++ b/www/saml2/idp/SingleLogoutService.php 
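Review bot: A caller-supplied `$timeout` is validated only by `assert(is_int($timeout) || is_null($timeout))` in setData(), while the two config-derived values get a real exception. With assertions disabled, a caller still using the old `($type, $id, $timeout, $data)` order, or one passing 0 or a negative number, reaches `time() + $timeout` unchecked and the entry is stored with a wrong or already-past expiry. The two call sites in this commit are updated, but any caller outside this diff would swap data and timeout silently. I would apply the positive-integer check to every path and fold the two duplicated config checks into one, as below; setData()'s body continues past the end of the hunk.

```php
public function setData($type, $id, $data, $timeout = NULL) {
    // … unchanged: type/id asserts and expireData() call …

    if($timeout === NULL) {
        /* Use the default timeout. */
        $configuration = SimpleSAML_Configuration::getInstance();

        $option = 'session.datastore.timeout';
        $timeout = $configuration->getValue($option, NULL);
        if($timeout === NULL) {
            /* For backwards compatibility. */
            $option = 'session.requestcache';
            $timeout = $configuration->getValue($option, 4*(60*60));
        }

        if(!is_int($timeout) || $timeout <= 0) {
            throw new Exception('The value of the ' . $option .
                ' configuration option should be a positive integer.');
        }
    } elseif(!is_int($timeout) || $timeout <= 0) {
        /* Explicit values get the same check, so a swapped argument fails loudly. */
        throw new Exception('The $timeout argument to setData() should be a positive integer.');
    }

    // … unchanged: $dataInfo construction and dataStore handling …
```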
@@ -78,7 +78,7 @@ function saveLogoutInfo($id) { global $session; global $logoutInfo; - $session->setData('idplogoutresponsedata', $id, 15*60, $logoutInfo); + $session->setData('idplogoutresponsedata', $id, $logoutInfo); } diff --git a/www/saml2/sp/initSLO.php b/www/saml2/sp/initSLO.php index 2c752c93e6ce81c68bba806eccf7ac99c1f69caa..12314f974a90374145dc23463ef85a62e744d763 100644 --- a/www/saml2/sp/initSLO.php +++ b/www/saml2/sp/initSLO.php @@ -43,7 +43,7 @@ if (isset($session) ) { $req = $lr->generate($spentityid, $idpentityid, $session->getNameID(), $session->getSessionIndex(), 'SP'); /* Save the $returnTo url until the user returns from the IdP. */ - $session->setData('spLogoutReturnTo', $lr->getGeneratedID(), 15*60, $returnTo); + $session->setData('spLogoutReturnTo', $lr->getGeneratedID(), $returnTo); $httpredirect = new SimpleSAML_Bindings_SAML20_HTTPRedirect($config, $metadata);
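Review bot: Dropping the explicit `15*60` in saveLogoutInfo() means the saved logout state now lives for `session.datastore.timeout`, four hours by default, instead of fifteen minutes; the same applies to the `spLogoutReturnTo` entry in www/saml2/sp/initSLO.php. That looks intended, but it keeps state that is presumably consumed when the logout response returns valid for far longer than a logout round trip needs. If the short window was deliberate, keep it explicit with `$session->setData('idplogoutresponsedata', $id, $logoutInfo, 15*60);`. Otherwise a comment such as `/* Stored with the default session.datastore.timeout. */` at both call sites would record the choice.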