John Dennis 059a90702e Implement session activity timeout ... Previously sessions expired after session_auth_duration had elapsed commencing from the start of the session. We new support a "rolling" expiration where the expiration is advanced by session_auth_duration everytime the session is accessed, this is equivalent to a inactivity timeout. The expiration is still constrained by the credential expiration in all cases. The session expiration behavior is configurable based on the session_auth_duration_type. * Reduced the default session_auth_duration from 1 hour to 20 minutes. * Replaced the sesssion write_timestamp with the access_timestamp and update the access_timestamp whenever the session data is created, retrieved, or written. * Modify set_session_expiration_time to handle both an inactivity timeout and a fixed duration. * Introduce KerberosSession as a mixin class to share session duration functionality with all classes manipulating session data with Kerberos auth. This is both the non-RPC login class and the RPC classes. * Update make-lint to handle new classes. * Added session_auth_duration_type config item. * Updated default.conf.5 man page for new session_auth_duration_type item. * Removed these unused config items: mount_xmlserver, mount_jsonserver, webui_assets_dir https://fedorahosted.org/freeipa/ticket/2392		2012-02-27 05:55:15 -05:00
..
install	Add SSHFP update policy for existing zones	2012-02-27 18:04:19 +01:00
plugins	Tweak the session auth to reflect developer consensus.	2012-02-27 05:54:29 -05:00
__init__.py	Change FreeIPA license to GPLv3+	2010-12-20 17:19:53 -05:00
conn.py	Change FreeIPA license to GPLv3+	2010-12-20 17:19:53 -05:00
ipaldap.py	Don't use sets when calculating the modlist so order is preserved.	2012-02-13 22:22:58 -05:00
ipautil.py	Change FreeIPA license to GPLv3+	2010-12-20 17:19:53 -05:00
rpcserver.py	Implement session activity timeout	2012-02-27 05:55:15 -05:00