Bug 733753 - Test configuration of auth. session timeout (after which the user is logged out) in /etc/sysconfig/luci
Summary: Test configuration of auth. session timeout (after which the user is logged o...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: luci
Version: 6.3
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Jan Pokorný [poki]
QA Contact: Cluster QE
URL:
Whiteboard:
Depends On: 639075 731856
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-08-26 17:30 UTC by Jan Pokorný [poki]
Modified: 2013-06-10 14:30 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Since RHEL 6.3, luci authenticated sessions will automatically timeout after 15 minutes of inactivity. This period is customizable in /etc/sysconfig/luci by modifying the "who.auth_tkt_timeout" parameter. It is important to note that the only valid values are 0 (no timeout) and values above 60 seconds (i.e. greater than one minute).
Clone Of:
Environment:
Last Closed: 2012-06-20 12:17:55 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2012:0766 normal SHIPPED_LIVE luci bug fix and enhancement update 2012-06-19 19:30:16 UTC
Red Hat Knowledge Base (Solution) 394843 None None None Never
Red Hat Bugzilla 661386 None None None Never

Internal Links: 661386

Description Jan Pokorný [poki] 2011-08-26 17:30:08 UTC
Actually, this is already in since luci 0.23/RHEL 6.1 that initially
(talking about a "new-gen" luci 0.20+) enabled user to configure some
of the aspects of luci via /etc/sysconfig/luci, item from the summary
being amongst them.  It originated in upstream change related to
RFE/bug #661386.

But there are some catches:

1. such user configuration has not been documented yet: bug 731856

2. the first version we can expect to make discussed configuration item
   effective is RHEL 6.3 (not much desirably, things got stuck a bit
   in this regard): bug 639075

Apparently, this was filled mainly for smooth integration with the above bugs.

Comment 1 Jan Pokorný [poki] 2011-09-29 17:14:44 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
(preliminary)
Since RHEL 6.3, luci authenticated session will
automatically timeout after 15 (?) minutes.
This period is customizable in /etc/sysconfig/luci
by modifying "who.auth_tkt_timeout" parameter.

Comment 3 Jan Pokorný [poki] 2011-10-11 13:18:37 UTC
Another thing related to session timeout:

Should we provide a graphic indication of time remaining?
I've actually seen this on some sites.

Comment 5 Ryan McCabe 2012-04-03 16:13:15 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,5 +1,5 @@
 (preliminary)
-Since RHEL 6.3, luci authenticated session will
-automatically timeout after 15 (?) minutes.
+Since RHEL 6.3, luci authenticated sessions will
+automatically timeout after 15 minutes of inactivity.
 This period is customizable in /etc/sysconfig/luci
-by modifying "who.auth_tkt_timeout" parameter.+by modifying the "who.auth_tkt_timeout" parameter.

Comment 11 Lon Hohberger 2012-05-11 15:17:30 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -2,4 +2,6 @@
 Since RHEL 6.3, luci authenticated sessions will
 automatically timeout after 15 minutes of inactivity.
 This period is customizable in /etc/sysconfig/luci
-by modifying the "who.auth_tkt_timeout" parameter.+by modifying the "who.auth_tkt_timeout" parameter.
+
+It is important to note that the only valid values 0 (no timeout) and values above 60 seconds (i.e. greater than one minute).

Comment 12 Lon Hohberger 2012-05-11 15:18:33 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -4,4 +4,4 @@
 This period is customizable in /etc/sysconfig/luci
 by modifying the "who.auth_tkt_timeout" parameter.
 
-It is important to note that the only valid values 0 (no timeout) and values above 60 seconds (i.e. greater than one minute).+It is important to note that the only valid values are 0 (no timeout) and values above 60 seconds (i.e. greater than one minute).

Comment 13 Lon Hohberger 2012-05-11 15:18:54 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,4 +1,3 @@
-(preliminary)
 Since RHEL 6.3, luci authenticated sessions will
 automatically timeout after 15 minutes of inactivity.
 This period is customizable in /etc/sysconfig/luci

Comment 17 errata-xmlrpc 2012-06-20 12:17:55 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0766.html


Note You need to log in before you can comment on or make changes to this bug.