[
https://issues.apache.org/jira/browse/CASSANDRA-11097?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15235982#comment-15235982
]
Stefan Podkowinski commented on CASSANDRA-11097:
------------------------------------------------
Another option would be to address this at native transport protocol level by
extending the specification to a) allow to indicate if the client session is
interactive/non-interactive b) ask interactive clients to re-authenticate
through established connection after inactivity timeout.
> Idle session timeout for secure environments
> --------------------------------------------
>
> Key: CASSANDRA-11097
> URL: https://issues.apache.org/jira/browse/CASSANDRA-11097
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Jeff Jirsa
> Priority: Minor
> Labels: lhf, ponies
>
> A thread on the user list pointed out that some use cases may prefer to have
> a database disconnect sessions after some idle timeout. An example would be
> an administrator who connected via ssh+cqlsh and then walked away.
> Disconnecting that user and forcing it to re-authenticate could protect
> against unauthorized access.
> It seems like it may be possible to do this using a netty
> {{IdleStateHandler}} in a way that's low risk and perhaps off by default.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
