From d169919a1ff5a7668c8bb23a45b59011a91132e1 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Mon, 20 Apr 2015 16:44:41 -0400 Subject: Remove expired SAML2 sessions Run a cherrypy background task to sift through the sessions database and find expired entries and remove them. From my testing if a previous execution of the background task is still executing when the next one is scheduled to run, it will skip it. In other words, you can't end up with multiple expirations running at the same time. Signed-off-by: Rob Crittenden --- ipsilon/providers/saml2idp.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ipsilon/providers/saml2idp.py') diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py index 6528fdf..efaf67e 100644 --- a/ipsilon/providers/saml2idp.py +++ b/ipsilon/providers/saml2idp.py @@ -8,6 +8,7 @@ from ipsilon.providers.saml2.admin import Saml2AdminPage from ipsilon.providers.saml2.rest import Saml2RestBase from ipsilon.providers.saml2.provider import IdentityProvider from ipsilon.providers.saml2.sessions import SAMLSessionFactory +from ipsilon.providers.saml2.sessions import expire_sessions from ipsilon.tools.certs import Certificate from ipsilon.tools import saml2metadata as metadata from ipsilon.tools import files @@ -280,6 +281,9 @@ Provides SAML 2.0 authentication infrastructure. """ logger.addHandler(lh) logger.setLevel(logging.DEBUG) + bt = cherrypy.process.plugins.BackgroundTask(60, expire_sessions) + bt.start() + @property def allow_self_registration(self): return self.get_config_value('allow self registration') -- cgit