[
https://issues.apache.org/jira/browse/KNOX-3077?focusedWorklogId=948051&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-948051
]
ASF GitHub Bot logged work on KNOX-3077:
----------------------------------------
Author: ASF GitHub Bot
Created on: 12/Dec/24 15:46
Start Date: 12/Dec/24 15:46
Worklog Time Spent: 10m
Work Description: moresandeep opened a new pull request, #972:
URL: https://github.com/apache/knox/pull/972
## What changes were proposed in this pull request?
This PR introduces a new parameter `pac4j.cookie.max.age` for the Pac4J
provider that enforces cookie age on the cookies created by the pac4j provider.
e.g.
```
<provider>
<role>federation</role>
<name>pac4j</name>
<enabled>true</enabled>
<param>
<name>pac4j.callbackUrl</name>
<value>https://www.local.com:8443/gateway/knoxsso/api/v1/websso</value>
</param>
<!
Issue Time Tracking
-------------------
Worklog Id: (was: 948051)
Remaining Estimate: 0h
Time Spent: 10m
> Knox UI session timeout does not work with pac4j
> ------------------------------------------------
>
> Key: KNOX-3077
> URL: https://issues.apache.org/jira/browse/KNOX-3077
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxSSO
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> KnoxSSO is expired and works as expected but pac4j profile cookies do not.
> pac4j provider is getting used which is causing the following behavior.
> 1. Knox expires the cookies
> 2. The UI redirects to login using the pac4j auth.
> 3. pac4j finds the pac4j cookies (like profile cookie) that are not expired
> and Knox logs back again.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
