Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-9004

Max authentication session timeout is limited to 25 days, whereas it should be 3 months

    Details

      Description

      Context

      • Set sonar.web.sessionTimeoutInMinutes to 129600 in sonar.properties
      • Start SonarQube
      • Authenticate with any user

      No error is reported but the user is not logged (even if the JWT-SESSION cookie is created)

      Technical details

      The expiration date generated the JWT token is set to a past value in this case, because an integer is used to store the timeout value instead of a long (in JwtSerializer and JwtHttpHandler).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                julien.lancelot Julien Lancelot
                Reporter:
                julien.lancelot Julien Lancelot
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: