Support expiration for session creation
See original GitHub issueEncode an optional expiration timestamp with signed session id’s and refuse to create the session if the id is expired. Propose adding server option --session-expiration-duration
which will be added to UTC now()
when the signed session id is created, and then checked against UTC now()
when the session is to be created in the server.
Issue Analytics
- State:
- Created 4 years ago
- Comments:11 (11 by maintainers)
Top Results From Across the Web
Session Management - OWASP Cheat Sheet Series
Session Expiration. In order to minimize the time period an attacker can launch attacks over active sessions and hijack them, it is mandatory...
Read more >How to Fix Session Has Expired Error on the Internet
If a session is not established, you can get a session expired message immediately or very shortly after connecting to or logging in...
Read more >Configure session expiration - Sitecore Documentation
The session expiration process Converts expired sessions from the tracker model to the xConnect model and submits to the xConnect Collection ( ...
Read more >Session timeout | Granicus Support
For Self - you can set the session lifetime until a logged in user's session expires, from between 10 to 360 mins. The...
Read more >How to specify an expiration time for the JSESSIONID that is ...
This way a REST client (e.g. web browser) can persist the JSESSIONID even between restarts of the client until the cookie expires. In...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@bryevdv Thanks! I think I’m still a bit confused, although it’s hard to express the exact reason. But if you have a way to proceed, I’ll probably just look at the resulting PR and see if I have any questions/concerns left.
This was closed in #9536