Warn if cache.web_sessions.maxAge is to small

Setting maxAge to a small value e.g. 59s can result in the browser endlessly redirecting trying to setup a new valid session. Warn administrators that the value is set smaller than 5 minutes. Bug: issue 1821 Change-Id: I7a306d93ca5bd55d68d0909be52b259acdbb6db5
2013-03-12 06:54:18 -07:00
parent 6acb357b2d
commit 7a9be070f8
1 changed files with 9 additions and 0 deletions
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebSessionManager.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebSessionManager.java
@@ -36,6 +36,8 @@ import com.google.inject.Singleton;
 import com.google.inject.name.Named;

 import org.eclipse.jgit.lib.Config;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;

 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -47,6 +49,7 @@ import java.util.concurrent.TimeUnit;

@Singleton
 class WebSessionManager {
+  private static final Logger log = LoggerFactory.getLogger(WebSessionManager.class);
  static final String CACHE_NAME = "web_sessions";

  static long now() {
@@ -66,6 +69,12 @@ class WebSessionManager {
    sessionMaxAgeMillis = MINUTES.toMillis(ConfigUtil.getTimeUnit(cfg,
        "cache", CACHE_NAME, "maxAge",
        MAX_AGE_MINUTES, MINUTES));
+    if (sessionMaxAgeMillis < TimeUnit.MINUTES.toMillis(5)) {
+      log.warn(String.format(
+          "cache.%s.maxAge is set to %d milliseconds;" +
+          " it should be at least 5 minutes.",
+          CACHE_NAME, sessionMaxAgeMillis));
+    }
  }

  Key createKey(final Account.Id who) {