[ https://issues.apache.org/jira/browse/CASSANDRA-11097?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15235074#comment-15235074 ]
Stefan Podkowinski commented on CASSANDRA-11097: ------------------------------------------------ This is probably better handled by the client, so we could enable the timeout specifically e.g. for cqlsh users but not for native transport connections from services. Also see [JAVA-204|https://datastax-oss.atlassian.net/browse/JAVA-204]. > Idle session timeout for secure environments > -------------------------------------------- > > Key: CASSANDRA-11097 > URL: https://issues.apache.org/jira/browse/CASSANDRA-11097 > Project: Cassandra > Issue Type: Improvement > Reporter: Jeff Jirsa > Priority: Minor > Labels: lhf, ponies > > A thread on the user list pointed out that some use cases may prefer to have > a database disconnect sessions after some idle timeout. An example would be > an administrator who connected via ssh+cqlsh and then walked away. > Disconnecting that user and forcing it to re-authenticate could protect > against unauthorized access. > It seems like it may be possible to do this using a netty > {{IdleStateHandler}} in a way that's low risk and perhaps off by default. -- This message was sent by Atlassian JIRA (v6.3.4#6332)