Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Large session timeout number expires session almost instantaneously #22374

Closed
octocat-mona opened this issue Aug 24, 2018 · 2 comments · Fixed by #79858
Closed

Large session timeout number expires session almost instantaneously #22374

octocat-mona opened this issue Aug 24, 2018 · 2 comments · Fixed by #79858
Labels
bug Fixes for quality problems that affect the customer experience Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@octocat-mona
Copy link

octocat-mona commented Aug 24, 2018
edited by azasypkin
Loading

Kibana version:
6.4.0
Elasticsearch version:
6.4.0
Server OS version:
CentOS (Docker image)
Browser version:
Chrome 68.0.3440.106
Browser OS version:
Windows 10 Version1709
Original install method (e.g. download page, yum, from source, etc.):
Docker
Describe the bug:
Setting a large number like a month (2592000000) for xpack.security.sessionTimeout actually gives an almost instant session timeout message in Kibana: You will soon be logged out due to inactivity. Click OK to resume.

There seems to be no maximum defined in the documentation:
https://www.elastic.co/guide/en/kibana/6.4/security-settings-kb.html#security-ui-settings

Steps to reproduce:

  1. Set environment variable in Docker Compose file: XPACK_SECURITY_SESSIONTIMEOUT: 2592000000
  2. Set Elasticsearch url, username and password variables
  3. Run Kibana
  4. Login to Kibana
  5. Wait a few seconds

Expected behavior:
No session timout warning shown
Screenshots (if relevant):
image

Errors in browser console (if relevant):
N/A
Provide logs and/or server output (if relevant):
N/A
Any additional context:
N/A

Blocks: #68885
@liza-mae liza-mae added Team:Operations Team label for Operations Team triage_needed labels Aug 27, 2018
@jbudz jbudz added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! and removed Team:Operations Team label for Operations Team labels Feb 1, 2019
@octocat-mona
Copy link
Author

This is still the case in 7.0.0, no planning for a fix yet?

@legrego legrego mentioned this issue Apr 23, 2020
Closed
@legrego
Copy link
Member

legrego commented Apr 23, 2020
edited by jportner
Loading

Linking to @jportner 's analysis of the problem from a duplicated issue: #64264 (comment)

@legrego legrego added bug Fixes for quality problems that affect the customer experience and removed triage_needed labels Apr 23, 2020
@azasypkin azasypkin mentioned this issue Jun 17, 2020
Closed
@azasypkin azasypkin mentioned this issue Oct 7, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow idleTimeout/lifespan larger than 32-bit signed integer. azasypkin/kibana
4 participants
@octocat-mona @jbudz @legrego @liza-mae