search

cloudfoundry-incubator / admin-ui

Need new main contributor - An application for viewing Cloud Foundry metrics and operations data.
Apache License 2.0
71 stars 44 forks source link

When using SSL Rack::Session::expire_after is hard coded to 60 seconds #180

Closed jmprice closed 7 years ago

jmprice commented 7 years ago

/lib/admin/secure_web.rb the Rack::Session::expire_after value is set to 60 seconds.

In lib/admin/web.rb it looks like you are trying to reset the session expiration = ssl_max_session_idle_length env['rack.session.options'][:expire_after] = @config.ssl_max_session_idle_length.to_i if @config.secured_client_connection but that line of code doesn't run until after the session has already expired so, immediately after resetting the session expiration value the session is destroyed and a new one established with the 60 second value.

Please see the attached log file for an example of this behavior. admin_ui.log

rboykin commented 7 years ago

Thanks @jmprice. I will look into it.

rboykin commented 7 years ago

Fixed via https://github.com/cloudfoundry-incubator/admin-ui/commit/23251448bcd0f440e770bc2d5c2deb2ad64f1ee9