maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Change default session idle timeout to 8 hours. (#115565)

Browse source
This commit is contained in:
Aleh Zasypkin 2021-10-19 18:38:27 +02:00 committed by GitHub
parent 498050e05b
commit 83f12a9d82
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 13 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/settings/security-settings.asciidoc
View file

@ -272,7 +272,7 @@ You can configure the following settings in the `kibana.yml` file.
|[[xpack-session-idleTimeout]] `xpack.security.session.idleTimeout` {ess-icon}
| Ensures that user sessions will expire after a period of inactivity. This and <<xpack-session-lifespan,`xpack.security.session.lifespan`>> are both
highly recommended. You can also specify this setting for <<xpack-security-provider-session-idleTimeout, every provider separately>>. If this is set to `0`, then sessions will never expire due to inactivity. By default, this value is 1 hour.
highly recommended. You can also specify this setting for <<xpack-security-provider-session-idleTimeout, every provider separately>>. If this is set to `0`, then sessions will never expire due to inactivity. By default, this value is 8 hours.
2+a|
[TIP]

2
docs/user/security/session-management.asciidoc
View file

@ -12,7 +12,7 @@ To manage user sessions programmatically, {kib} exposes <<session-management-api
==== Session idle timeout
You can use `xpack.security.session.idleTimeout` to expire sessions after a period of inactivity. This and `xpack.security.session.lifespan` are both highly recommended.
By default, sessions expire after 1 hour of inactivity. To define another value for a sliding session expiration, set the property in the `kibana.yml` configuration file. The idle timeout is formatted as a duration of `<count>[ms|s|m|h|d|w|M|Y]` (e.g. '20m', '24h', '7d', '1w'). For example, set the idle timeout to expire sessions after 30 minutes of inactivity:
By default, sessions expire after 8 hours of inactivity. To define another value for a sliding session expiration, set the property in the `kibana.yml` configuration file. The idle timeout is formatted as a duration of `<count>[ms|s|m|h|d|w|M|Y]` (e.g. '20m', '24h', '7d', '1w'). For example, set the idle timeout to expire sessions after 30 minutes of inactivity:
--
[source,yaml]

18
x-pack/plugins/security/server/config.test.ts
View file

@ -63,7 +63,7 @@ describe('config schema', () => {
"secureCookies": false,
"session": Object {
"cleanupInterval": "PT1H",
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "P30D",
},
"showInsecureClusterWarning": true,
@ -117,7 +117,7 @@ describe('config schema', () => {
"secureCookies": false,
"session": Object {
"cleanupInterval": "PT1H",
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "P30D",
},
"showInsecureClusterWarning": true,
@ -170,7 +170,7 @@ describe('config schema', () => {
"secureCookies": false,
"session": Object {
"cleanupInterval": "PT1H",
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "P30D",
},
"showInsecureClusterWarning": true,
@ -1768,7 +1768,7 @@ describe('createConfig()', () => {
expect(createMockConfig().session.getExpirationTimeouts({ type: 'basic', name: 'basic1' }))
.toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "P30D",
}
`);
@ -1818,7 +1818,7 @@ describe('createConfig()', () => {
})
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "PT0.456S",
}
`);
@ -1852,7 +1852,7 @@ describe('createConfig()', () => {
createMockConfig({ session: { lifespan: 456 } }).session.getExpirationTimeouts(provider)
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "PT0.456S",
}
`);
@ -1933,14 +1933,14 @@ describe('createConfig()', () => {
expect(configWithoutGlobal.session.getExpirationTimeouts({ type: 'basic', name: 'basic1' }))
.toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "PT0.654S",
}
`);
expect(configWithoutGlobal.session.getExpirationTimeouts({ type: 'saml', name: 'saml1' }))
.toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "PT11M5.544S",
}
`);
@ -1957,7 +1957,7 @@ describe('createConfig()', () => {
expect(configWithGlobal.session.getExpirationTimeouts({ type: 'basic', name: 'basic1' }))
.toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"idleTimeout": "PT8H",
"lifespan": "PT0.654S",
}
`);

2
x-pack/plugins/security/server/config.ts
View file

@ -211,7 +211,7 @@ export const ConfigSchema = schema.object({
),
session: schema.object({
idleTimeout: schema.oneOf([schema.duration(), schema.literal(null)], {
defaultValue: schema.duration().validate('1h'),
defaultValue: schema.duration().validate('8h'),
}),
lifespan: schema.oneOf([schema.duration(), schema.literal(null)], {
defaultValue: schema.duration().validate('30d'),

2
x-pack/plugins/security/server/usage_collector/security_usage_collector.test.ts
View file

@ -47,7 +47,7 @@ describe('Security UsageCollector', () => {
enabledAuthProviders: ['basic'],
loginSelectorEnabled: false,
httpAuthSchemes: ['apikey', 'bearer'],
sessionIdleTimeoutInMinutes: 60,
sessionIdleTimeoutInMinutes: 480,
sessionLifespanInMinutes: 43200,
sessionCleanupInMinutes: 60,
};