Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-3858

Use a shorter timeout for the REST API's application sessions

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Fixed
    • 2.7.2
    • REST
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Requests authenticating to Crowd's REST API will create a session. If clients use the same session cookie for subsequent requests then they can avoid reauthenticating, which may save time. However, as the only value of these sessions is for performance, there's no reason for the sessions to be long lived.

      Reduce the timeout to a minute. After that long, the cost of reauthenticating is negligible.

      At the same time, remove the code to delete Crowd sessions when the HttpSessions expire. They'll expire around the same time, which is good enough for them to provide indicative state.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CWD-3857 Revert locking change to SwitchableTokenManagerImpl

          • Low - Low priority issues
          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              jwalton joe
              jwalton joe
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: