diff options
author | Simo Sorce <simo@redhat.com> | 2017-02-27 10:50:03 -0500 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2017-03-01 13:43:40 +0100 |
commit | d5e7a57e5b25b9cecb7a65096487a65374ad860d (patch) | |
tree | 1ba3f4afa5979e1612bbced9188205493d4b2be6 | |
parent | a163ad77b3d12f2da2b135de29f594c06190b41a (diff) | |
download | freeipa-d5e7a57e5b25b9cecb7a65096487a65374ad860d.tar.gz freeipa-d5e7a57e5b25b9cecb7a65096487a65374ad860d.tar.xz freeipa-d5e7a57e5b25b9cecb7a65096487a65374ad860d.zip |
Limit sessions to 30 minutes by default
When we changed the session handling code we unintentinally extended
sessions expiraion time to the whole ticket lifetime of 24h.
Related to https://fedorahosted.org/freeipa/ticket/5959
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
-rw-r--r-- | install/conf/ipa.conf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf index 635bfe5c6..419d4e347 100644 --- a/install/conf/ipa.conf +++ b/install/conf/ipa.conf @@ -67,6 +67,7 @@ WSGIScriptReloading Off Session On SessionCookieName ipa_session path=/ipa;httponly;secure; SessionHeader IPASESSION + SessionMaxAge 1800 GssapiSessionKey file:/etc/httpd/alias/ipasession.key GssapiDelegCcacheDir /var/run/ipa/ccaches |