Change default session idle timeout to 8 hours. (#115565)
This commit is contained in:
parent
498050e05b
commit
83f12a9d82
|
@ -272,7 +272,7 @@ You can configure the following settings in the `kibana.yml` file.
|
|||
|
||||
|[[xpack-session-idleTimeout]] `xpack.security.session.idleTimeout` {ess-icon}
|
||||
| Ensures that user sessions will expire after a period of inactivity. This and <<xpack-session-lifespan,`xpack.security.session.lifespan`>> are both
|
||||
highly recommended. You can also specify this setting for <<xpack-security-provider-session-idleTimeout, every provider separately>>. If this is set to `0`, then sessions will never expire due to inactivity. By default, this value is 1 hour.
|
||||
highly recommended. You can also specify this setting for <<xpack-security-provider-session-idleTimeout, every provider separately>>. If this is set to `0`, then sessions will never expire due to inactivity. By default, this value is 8 hours.
|
||||
|
||||
2+a|
|
||||
[TIP]
|
||||
|
|
|
@ -12,7 +12,7 @@ To manage user sessions programmatically, {kib} exposes <<session-management-api
|
|||
==== Session idle timeout
|
||||
|
||||
You can use `xpack.security.session.idleTimeout` to expire sessions after a period of inactivity. This and `xpack.security.session.lifespan` are both highly recommended.
|
||||
By default, sessions expire after 1 hour of inactivity. To define another value for a sliding session expiration, set the property in the `kibana.yml` configuration file. The idle timeout is formatted as a duration of `<count>[ms|s|m|h|d|w|M|Y]` (e.g. '20m', '24h', '7d', '1w'). For example, set the idle timeout to expire sessions after 30 minutes of inactivity:
|
||||
By default, sessions expire after 8 hours of inactivity. To define another value for a sliding session expiration, set the property in the `kibana.yml` configuration file. The idle timeout is formatted as a duration of `<count>[ms|s|m|h|d|w|M|Y]` (e.g. '20m', '24h', '7d', '1w'). For example, set the idle timeout to expire sessions after 30 minutes of inactivity:
|
||||
|
||||
--
|
||||
[source,yaml]
|
||||
|
|
|
@ -63,7 +63,7 @@ describe('config schema', () => {
|
|||
"secureCookies": false,
|
||||
"session": Object {
|
||||
"cleanupInterval": "PT1H",
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "P30D",
|
||||
},
|
||||
"showInsecureClusterWarning": true,
|
||||
|
@ -117,7 +117,7 @@ describe('config schema', () => {
|
|||
"secureCookies": false,
|
||||
"session": Object {
|
||||
"cleanupInterval": "PT1H",
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "P30D",
|
||||
},
|
||||
"showInsecureClusterWarning": true,
|
||||
|
@ -170,7 +170,7 @@ describe('config schema', () => {
|
|||
"secureCookies": false,
|
||||
"session": Object {
|
||||
"cleanupInterval": "PT1H",
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "P30D",
|
||||
},
|
||||
"showInsecureClusterWarning": true,
|
||||
|
@ -1768,7 +1768,7 @@ describe('createConfig()', () => {
|
|||
expect(createMockConfig().session.getExpirationTimeouts({ type: 'basic', name: 'basic1' }))
|
||||
.toMatchInlineSnapshot(`
|
||||
Object {
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "P30D",
|
||||
}
|
||||
`);
|
||||
|
@ -1818,7 +1818,7 @@ describe('createConfig()', () => {
|
|||
})
|
||||
).toMatchInlineSnapshot(`
|
||||
Object {
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "PT0.456S",
|
||||
}
|
||||
`);
|
||||
|
@ -1852,7 +1852,7 @@ describe('createConfig()', () => {
|
|||
createMockConfig({ session: { lifespan: 456 } }).session.getExpirationTimeouts(provider)
|
||||
).toMatchInlineSnapshot(`
|
||||
Object {
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "PT0.456S",
|
||||
}
|
||||
`);
|
||||
|
@ -1933,14 +1933,14 @@ describe('createConfig()', () => {
|
|||
expect(configWithoutGlobal.session.getExpirationTimeouts({ type: 'basic', name: 'basic1' }))
|
||||
.toMatchInlineSnapshot(`
|
||||
Object {
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "PT0.654S",
|
||||
}
|
||||
`);
|
||||
expect(configWithoutGlobal.session.getExpirationTimeouts({ type: 'saml', name: 'saml1' }))
|
||||
.toMatchInlineSnapshot(`
|
||||
Object {
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "PT11M5.544S",
|
||||
}
|
||||
`);
|
||||
|
@ -1957,7 +1957,7 @@ describe('createConfig()', () => {
|
|||
expect(configWithGlobal.session.getExpirationTimeouts({ type: 'basic', name: 'basic1' }))
|
||||
.toMatchInlineSnapshot(`
|
||||
Object {
|
||||
"idleTimeout": "PT1H",
|
||||
"idleTimeout": "PT8H",
|
||||
"lifespan": "PT0.654S",
|
||||
}
|
||||
`);
|
||||
|
|
|
@ -211,7 +211,7 @@ export const ConfigSchema = schema.object({
|
|||
),
|
||||
session: schema.object({
|
||||
idleTimeout: schema.oneOf([schema.duration(), schema.literal(null)], {
|
||||
defaultValue: schema.duration().validate('1h'),
|
||||
defaultValue: schema.duration().validate('8h'),
|
||||
}),
|
||||
lifespan: schema.oneOf([schema.duration(), schema.literal(null)], {
|
||||
defaultValue: schema.duration().validate('30d'),
|
||||
|
|
|
@ -47,7 +47,7 @@ describe('Security UsageCollector', () => {
|
|||
enabledAuthProviders: ['basic'],
|
||||
loginSelectorEnabled: false,
|
||||
httpAuthSchemes: ['apikey', 'bearer'],
|
||||
sessionIdleTimeoutInMinutes: 60,
|
||||
sessionIdleTimeoutInMinutes: 480,
|
||||
sessionLifespanInMinutes: 43200,
|
||||
sessionCleanupInMinutes: 60,
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue