You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Alex Petrov (JIRA)" <ji...@apache.org> on 2019/07/02 12:37:00 UTC
[jira] [Updated] (CASSANDRA-11097) Idle session timeout for secure
environments
[ https://issues.apache.org/jira/browse/CASSANDRA-11097?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Petrov updated CASSANDRA-11097:
------------------------------------
Test and Documentation Plan: Patch is relatively small. Tests are integrated in the patch. Additional testing is possible from the side of java (or python) drivers.
Status: Patch Available (was: Open)
> Idle session timeout for secure environments
> --------------------------------------------
>
> Key: CASSANDRA-11097
> URL: https://issues.apache.org/jira/browse/CASSANDRA-11097
> Project: Cassandra
> Issue Type: Improvement
> Components: Legacy/CQL
> Reporter: Jeff Jirsa
> Assignee: Alex Petrov
> Priority: Low
> Labels: lhf, ponies
>
> A thread on the user list pointed out that some use cases may prefer to have a database disconnect sessions after some idle timeout. An example would be an administrator who connected via ssh+cqlsh and then walked away. Disconnecting that user and forcing it to re-authenticate could protect against unauthorized access.
> It seems like it may be possible to do this using a netty {{IdleStateHandler}} in a way that's low risk and perhaps off by default.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org