|
|
483b06 |
From f231d5ceb283723c42f6c15210c76f28324c2e15 Mon Sep 17 00:00:00 2001
|
|
|
483b06 |
From: Simo Sorce <simo@redhat.com>
|
|
|
483b06 |
Date: Tue, 6 Jun 2017 09:04:58 -0400
|
|
|
483b06 |
Subject: [PATCH] Revert setting sessionMaxAge for old clients
|
|
|
483b06 |
|
|
|
483b06 |
Older clients have issues properly parsing cookies and the sessionMaxAge
|
|
|
483b06 |
setting is one of those that breaks them.
|
|
|
483b06 |
Comment out the setting and add a comment that explains why it is not
|
|
|
483b06 |
set by default.
|
|
|
483b06 |
|
|
|
483b06 |
https://pagure.io/freeipa/issue/7001
|
|
|
483b06 |
|
|
|
483b06 |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
483b06 |
Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
|
|
|
483b06 |
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
|
|
|
483b06 |
---
|
|
|
483b06 |
install/conf/ipa.conf | 6 ++++--
|
|
|
483b06 |
1 file changed, 4 insertions(+), 2 deletions(-)
|
|
|
483b06 |
|
|
|
483b06 |
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
|
|
|
483b06 |
index a7ca5ce715e55960b8edd307cdbe41dcbd6b29ca..01bf9a4f97fc0cf197c0ad12743affa597b54911 100644
|
|
|
483b06 |
--- a/install/conf/ipa.conf
|
|
|
483b06 |
+++ b/install/conf/ipa.conf
|
|
|
483b06 |
@@ -1,5 +1,5 @@
|
|
|
483b06 |
#
|
|
|
483b06 |
-# VERSION 26 - DO NOT REMOVE THIS LINE
|
|
|
483b06 |
+# VERSION 27 - DO NOT REMOVE THIS LINE
|
|
|
483b06 |
#
|
|
|
483b06 |
# This file may be overwritten on upgrades.
|
|
|
483b06 |
#
|
|
|
483b06 |
@@ -77,7 +77,9 @@ WSGIScriptReloading Off
|
|
|
483b06 |
Session On
|
|
|
483b06 |
SessionCookieName ipa_session path=/ipa;httponly;secure;
|
|
|
483b06 |
SessionHeader IPASESSION
|
|
|
483b06 |
- SessionMaxAge 1800
|
|
|
483b06 |
+ # Uncomment the following to have shorter sessions, but beware this may break
|
|
|
483b06 |
+ # old IPA client tols that incorrectly parse cookies.
|
|
|
483b06 |
+ # SessionMaxAge 1800
|
|
|
483b06 |
GssapiSessionKey file:/etc/httpd/alias/ipasession.key
|
|
|
483b06 |
|
|
|
483b06 |
GssapiImpersonate On
|
|
|
483b06 |
--
|
|
|
483b06 |
2.9.4
|
|
|
483b06 |
|