We are using "local" auth in combination with pam_radius to authenticate via DUO proxy (i.e. RADIUS server with MFA) and found the BasicAuth timeout was statically set to 5 seconds. This does not leave users enough time to respond to MFA requests before the context deadline drops the connection.
This removes the static 5 seconds and adds a configuration setting for "BasicAuthTimeout" with a default of 5 seconds, but is configurable in cases such as these where longer timeouts are prefereable.
bolkedebruin
commented
6 months ago
We are using "local" auth in combination with pam_radius to authenticate via DUO proxy (i.e. RADIUS server with MFA) and found the BasicAuth timeout was statically set to 5 seconds. This does not leave users enough time to respond to MFA requests before the context deadline drops the connection.
This removes the static 5 seconds and adds a configuration setting for "BasicAuthTimeout" with a default of 5 seconds, but is configurable in cases such as these where longer timeouts are prefereable.