From 18b3a48e842d1e13b5a8505f8fd18069836d8fa5 Mon Sep 17 00:00:00 2001
From: jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>
Date: Mon, 26 Aug 2013 03:04:28 +0000
Subject: Fix handling of login session expiration and incorrect caching of
 login redirect responses.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1517413 13f79535-47bb-0310-9956-ffa450edef68
---
 sca-cpp/trunk/modules/http/form-auth-conf | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'sca-cpp/trunk/modules/http/form-auth-conf')

diff --git a/sca-cpp/trunk/modules/http/form-auth-conf b/sca-cpp/trunk/modules/http/form-auth-conf
index ba2f99dbf1..6a68da3972 100755
--- a/sca-cpp/trunk/modules/http/form-auth-conf
+++ b/sca-cpp/trunk/modules/http/form-auth-conf
@@ -44,6 +44,14 @@ else
     sslsuffix="-ssl"
 fi
 
+# Configure session crypto
+cat >>$root/conf/httpd.conf <<EOF
+# Configure session crypto
+SessionCryptoPassphrase $pw
+SessionCryptoDriver openssl
+
+EOF
+
 # Disallow public access to server resources
 cat >$root/conf/noauth$sslsuffix.conf <<EOF
 # Generated by: form-auth-conf $*
@@ -64,8 +72,8 @@ AuthnCacheProvideFor $providers
 AuthnCacheContext /
 AuthFormLoginRequiredLocation /login/
 Session On
-SessionCookieName TuscanyFormAuth domain=.$host; path=/; secure; httponly
-SessionCryptoPassphrase $pw
+SessionCookieName TuscanyFormAuth domain=.$host; max-age=604800; path=/; secure; httponly
+SessionMaxAge 0
 Require valid-user
 </Location>
 
-- 
cgit v1.2.3