Posted to dev@knox.apache.org by GitBox <gi...@apache.org> on 2023/01/09 19:12:31 UTC

[GitHub] [knox] pzampino commented on a diff in pull request #714: KNOX-2862 - Setup idle timeout for SSO cookie to 15 minutes

pzampino commented on code in PR #714:
URL: https://github.com/apache/knox/pull/714#discussion_r1065015897


##########
gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java:
##########
@@ -95,7 +95,7 @@ public class WebSSOResource {
   private static final String ORIGINAL_URL_COOKIE_NAME = "original-url";
   private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt";
   private static final String SSO_COOKIE_SAMESITE_DEFAULT = "Strict";
-  private static final long TOKEN_TTL_DEFAULT = 30000L;
+  private static final long TOKEN_TTL_DEFAULT = 15000 * 60;
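
Review bot: On the new `TOKEN_TTL_DEFAULT` line, `15000 * 60` hides both the unit and the intent: it evaluates to 900000, which is 15 minutes only if the value is read as milliseconds, and nothing in the hunk says so. Consider `15 * 60 * 1000L` or `TimeUnit.MINUTES.toMillis(15)` with a short comment naming the unit. Either form also restores the `long` arithmetic that went away with the `L` suffix: the product is now computed as `int` and then widened, which is fine at this value but overflows silently if the default is later raised far enough. The PR title calls this an idle timeout while the constant is named as a token TTL, so the comment should also state which of the two this default controls.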

Review Comment:
   Does the default value have to be FedRAMP-compliant? I would expect admins deploying Knox for FedRAMP-compliant applications would configure the TTL explicitly to adhere to those requirements.


