Github user tgravescs commented on the pull request:
https://github.com/apache/spark/pull/2073#issuecomment-54486981
Note that I'm assuming some of these don't necessarily apply. Like I think
secure cookies can only be used over https. Looking a bit more at the api I
think I am interested in.
- make sure we don't save it to disk, unless we are sure its going to a
correct and secure location
- what is the invalidate timeout? I assume CAS will handle relogin when
session expires?
- what is the max number of sessions?
- what is the httponly setting - I think we should set it unless it causes
other issues for CAS.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
