Fix handling of login session expiration and incorrect caching of login redirect responses.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1517413 13f79535-47bb-0310-9956-ffa450edef68
author: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> 2013-08-26 03:04:28 +0000
committer: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> 2013-08-26 03:04:28 +0000
commit: 18b3a48e842d1e13b5a8505f8fd18069836d8fa5 (patch)
tree: 2a95d38899ddddb20356903e163704d6753cf2fb /sca-cpp/trunk/modules/http/form-auth-conf
parent: 7905926c413e843d9497948cb824059f2c017f6a (diff)
1 files changed, 10 insertions, 2 deletions
diff --git a/sca-cpp/trunk/modules/http/form-auth-conf b/sca-cpp/trunk/modules/http/form-auth-conf
index ba2f99dbf1..6a68da3972 100755
--- a/sca-cpp/trunk/modules/http/form-auth-conf
+++ b/sca-cpp/trunk/modules/http/form-auth-conf
@@ -44,6 +44,14 @@ else
     sslsuffix="-ssl"
 fi
 
+# Configure session crypto
+cat >>$root/conf/httpd.conf <<EOF
+# Configure session crypto
+SessionCryptoPassphrase $pw
+SessionCryptoDriver openssl
+
+EOF
+
 # Disallow public access to server resources
 cat >$root/conf/noauth$sslsuffix.conf <<EOF
 # Generated by: form-auth-conf $*
@@ -64,8 +72,8 @@ AuthnCacheProvideFor $providers
 AuthnCacheContext /
 AuthFormLoginRequiredLocation /login/
 Session On
-SessionCookieName TuscanyFormAuth domain=.$host; path=/; secure; httponly
-SessionCryptoPassphrase $pw
+SessionCookieName TuscanyFormAuth domain=.$host; max-age=604800; path=/; secure; httponly
+SessionMaxAge 0
 Require valid-user
 </Location>
author	jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>	2013-08-26 03:04:28 +0000
committer	jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>	2013-08-26 03:04:28 +0000
commit	18b3a48e842d1e13b5a8505f8fd18069836d8fa5 (patch)
tree	2a95d38899ddddb20356903e163704d6753cf2fb /sca-cpp/trunk/modules/http/form-auth-conf
parent	7905926c413e843d9497948cb824059f2c017f6a (diff)