URL: https://github.com/freeipa/freeipa/pull/514 Author: simo5 Title: #514: Limit sessions to 30 minutes by default Action: opened
PR body: """ When we changed the session handling code we unintentinally extended sessions expiraion time to the whole ticket lifetime of 24h. Related to https://fedorahosted.org/freeipa/ticket/5959 Signed-off-by: Simo Sorce <s...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/514/head:pr514 git checkout pr514
From 61d3244b77c293f786032e607417c1352de0aef0 Mon Sep 17 00:00:00 2001 From: Simo Sorce <s...@redhat.com> Date: Mon, 27 Feb 2017 10:50:03 -0500 Subject: [PATCH] Limit sessions to 30 minutes by default When we changed the session handling code we unintentinally extended sessions expiraion time to the whole ticket lifetime of 24h. Related to https://fedorahosted.org/freeipa/ticket/5959 Signed-off-by: Simo Sorce <s...@redhat.com> --- install/conf/ipa.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf index 635bfe5..419d4e3 100644 --- a/install/conf/ipa.conf +++ b/install/conf/ipa.conf @@ -67,6 +67,7 @@ WSGIScriptReloading Off Session On SessionCookieName ipa_session path=/ipa;httponly;secure; SessionHeader IPASESSION + SessionMaxAge 1800 GssapiSessionKey file:/etc/httpd/alias/ipasession.key GssapiDelegCcacheDir /var/run/ipa/ccaches
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
