opendev/gerrit
Code Issues Proposed changes

Warn if cache.web_sessions.maxAge is to small

Browse Source 
Setting maxAge to a small value e.g. 59s can result in the
browser endlessly redirecting trying to setup a new valid
session. Warn administrators that the value is set smaller
than 5 minutes.

Bug: issue 1821
Change-Id: I7a306d93ca5bd55d68d0909be52b259acdbb6db5
This commit is contained in:
Shawn Pearce
2013-03-12 06:54:18 -07:00
parent 6acb357b2d
commit 7a9be070f8
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebSessionManager.java
View File

@@ -36,6 +36,8 @@ import com.google.inject.Singleton;
import com.google.inject.name.Named; import com.google.inject.name.Named;
import org.eclipse.jgit.lib.Config; import org.eclipse.jgit.lib.Config;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
@@ -47,6 +49,7 @@ import java.util.concurrent.TimeUnit;
@Singleton @Singleton
class WebSessionManager { class WebSessionManager {
private static final Logger log = LoggerFactory.getLogger(WebSessionManager.class);
static final String CACHE_NAME = "web_sessions"; static final String CACHE_NAME = "web_sessions";
static long now() { static long now() {
@@ -66,6 +69,12 @@ class WebSessionManager {
sessionMaxAgeMillis = MINUTES.toMillis(ConfigUtil.getTimeUnit(cfg, sessionMaxAgeMillis = MINUTES.toMillis(ConfigUtil.getTimeUnit(cfg,
"cache", CACHE_NAME, "maxAge", "cache", CACHE_NAME, "maxAge",
MAX_AGE_MINUTES, MINUTES)); MAX_AGE_MINUTES, MINUTES));
if (sessionMaxAgeMillis < TimeUnit.MINUTES.toMillis(5)) {
log.warn(String.format(
"cache.%s.maxAge is set to %d milliseconds;" +
" it should be at least 5 minutes.",
CACHE_NAME, sessionMaxAgeMillis));
}
} }
Key createKey(final Account.Id who) { Key createKey(final Account.Id who) {