wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
748 stars 729 forks source link

Carbon management console session timeout is not configurable from deployment.toml #20477

Closed isuruhettiarachchi closed 5 months ago

isuruhettiarachchi commented 6 months ago

Describe the issue: Carbon management console session timeout should be configured in /repository/conf/tomcat/WEB-INF/web.xml file as below.

    <session-config>
        <session-timeout>1</session-timeout>
        <cookie-config>
            <secure>true</secure>
        </cookie-config>
        <tracking-mode>COOKIE</tracking-mode>
    </session-config>

However, this is not configurable from the deployment.toml even though there is a default value in the default.json file tomcat.management_console.session_timeout

Expected behavior: Management console session timeout should be able to configured from the toml file

Environment information (Please complete the following information; remove any unnecessary fields) :

Thisara-Welmilla commented 5 months ago

The /repository/conf/tomcat/carbon/WEB-INF/web.xml file does not have a corresponding .j2 file in the IS pack. Due to the complexity of the configurations in web.xml file, the .j2 file has been removed from the IS pack [1]. Our documentation advises updating the web.xml file directly to modify the session timeout value [2].

[1]. https://github.com/wso2/product-is/pull/6562/files [2]. https://is.docs.wso2.com/en/latest/deploy/get-started/run-the-product/#access-the-wso2-identity-server-console