Open GoogleCodeExporter opened 8 years ago
The main goal of updated session is to limit spoofing time window. Disabled it
have (in my opinion) no sense as we can't offer spoofer an unlimited time
access.
Let's have other opinion about this before included an option that's possibly
makes kanet less secure.
Original comment by cymo...@gmail.com
on 31 Jan 2012 at 10:10
After using it for about a week now I think this would be very useful as an
option. I don't think that having unlimited would be good but maybe having a
way to configure session-limit by minutes/hours. Most of our students at our
school use their Anroid/Apple products to connect to our Wifi and cannot
maintain a open window. Our current wireless login is based on a time-limit, we
are using our Sonicwall AP's that redirect to a Sonicwall login page on the
firewall itself giving them certain ampoutn of time before they need to
re-authenticate.
I REALLY want to use this for our wireless, 90% of our web apps use our CAS for
login and moving our wireless to the same login would be awesome!
Jason
Original comment by jason.ev...@gmail.com
on 3 Jul 2012 at 1:38
if the session time out (15s default) can be set manually in config file is
enough ?
Original comment by cymo...@gmail.com
on 3 Jul 2012 at 1:49
Where is this option, I looked in the config file and cannot find a Default
Session TimeOut of 15s? Would probably work if I could find, lol..
Thanks,
Jason
Original comment by jason.ev...@gmail.com
on 5 Jul 2012 at 2:12
Hi jason,
it was a question ... in fact i update some code with this :
"WEB_SESSION_TIMEOUT" : "7200",
"ENABLE_TIMEOUT" : "1",
WEB_SESSION_TIMEOUT is the authentication duration and ENABLE_TIMEOUT is to
enable/disable session update to validate.
I need to test those changes.
Can you test it ?
Original comment by cymo...@gmail.com
on 5 Jul 2012 at 2:22
I added just under the Default configuration like so
"ENABLE_TIMEOUT" : "1",
"WEB_SESSION_TIMEOUT" : "7200",
I didn't see any change, I closed the browser which in-turn destroys the CAS
session and the KANET was still looking for a valid ticket just a few mitutes
later,
Is there anything else that should be updated?
Original comment by jason.ev...@gmail.com
on 5 Jul 2012 at 2:54
Original comment by jason.ev...@gmail.com
on 5 Jul 2012 at 2:59
Attachments:
I uploaded the logs above, just scroll down to todays dates, July 5th around
930-10am CST
Original comment by jason.ev...@gmail.com
on 5 Jul 2012 at 3:01
Jason .. change can't be done Over The Air .. to test you need to download new
sources, compile and install it.
I tried to init the git repository, but no way .. :S
Original comment by cymo...@gmail.com
on 5 Jul 2012 at 3:04
Ohh ok, So I will get it downloaded and let you know, lol
Original comment by jason.ev...@gmail.com
on 5 Jul 2012 at 3:08
Whats the git repo link?
Original comment by jason.ev...@gmail.com
on 5 Jul 2012 at 3:09
Original issue reported on code.google.com by
thomas.b...@gmail.com
on 31 Jan 2012 at 10:00