Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-9004

Max authentication session timeout is limited to 25 days, whereas it should be 3 months

    XMLWordPrintable

    Details

      Description

      Context

      • Set sonar.web.sessionTimeoutInMinutes to 129600 in sonar.properties
      • Start SonarQube
      • Authenticate with any user

      No error is reported but the user is not logged (even if the JWT-SESSION cookie is created)

      Technical details

      The expiration date generated the JWT token is set to a past value in this case, because an integer is used to store the timeout value instead of a long (in JwtSerializer and JwtHttpHandler).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              julien.lancelot Julien Lancelot
              Reporter:
              julien.lancelot Julien Lancelot
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: