Dan Kirkwood created TC-509:

             Summary: TO postinstall set default number of secrets to 1
                 Key: TC-509
                 URL: https://issues.apache.org/jira/browse/TC-509
             Project: Traffic Control
          Issue Type: Improvement
          Components: Traffic Ops
    Affects Versions: 2.1.0, 2.0.0
            Reporter: Dan Kirkwood
            Priority: Trivial
             Fix For: 2.2.0

postinstall for traffic_ops has default number of secrets to keep as 10.

really no need to keep more than 2,  and default should be only 1.  The list is 
so if you create a new secret, any outstanding authentication cookies don't 
immediately get invalidated.   So, the process should be to create a new 
secret,  wait until max expiration has passed (during which any new cookies are 
created using the new secret),  then remove the old secret.

Old secrets should not be kept any longer than that....

This message was sent by Atlassian JIRA

Reply via email to