-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/55890/
-----------------------------------------------------------
(Updated Jan. 25, 2017, 7:01 p.m.)
Review request for geode, Jinmei Liao, Jared Stewart, Kevin Duling, and Swapnil
Bawaskar.
Changes
-------
Added a couple checks and log custom error messages if unable to increase
global session timeout.
Bugs: GEODE-2354
https://issues.apache.org/jira/browse/GEODE-2354
Repository: geode
Description
-------
Use of security-manager results in
org.apache.shiro.session.UnknownSessionExceptions being thrown from protected
operations after 30 minutes idle (the default global session timeout in Apache
Shiro).
GFSH connects to the JMX Manager but this connection has no timeout even if the
cluster is secured. So after 30 minutes of being idle, GFSH will remain
connected to the JMX Manager but all commands that are protected will result in
an UnknownSessionException.
The changes in the change set simply set the global session timeout to
MAX_VALUE if the user has specified a security-manager. If the user specifies
security-shiro-init (for a custom shiro.ini) then we leave the global session
configuration to the user's shiro.ini.
Diffs (updated)
-----
geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
73d051f834425f1cf2c2164925f890bf42d36a9d
Diff: https://reviews.apache.org/r/55890/diff/
Testing
-------
precheckin in progress
Thanks,
Kirk Lund
