yubikey
Adam Williamson
awilliam at redhat.com
Wed Oct 26 19:11:25 UTC 2011
On Wed, 2011-10-26 at 09:57 -0700, Toshio Kuratomi wrote:
> On Tue, Oct 25, 2011 at 04:56:18PM -0700, Adam Williamson wrote:
> > On Tue, 2011-10-25 at 16:44 -0700, Toshio Kuratomi wrote:
> > > FAS and bodhi are single sign on (iirc, everything on
> > > admin.fedoraproject.org).
> >
> > Well, Bodhi seems to do a damn good job of forgetting you're signed in.
> > I've never tried to analyze this carefully, it's just a subjective
> > feeling that I seem to have to log into it a hell of a lot...
> >
> It's supposed to be 20 minutes of inactivity (ie, make no requests to
> fas/bodhi/pkgdb/elections in 20 minutes and your session expires).
>
> There's only one time that I've found this to not work when I've actually
> measured it. That was when we had time skew on our fas servers. So when
> a session was updated on one server, it updated the session information with
> a timestamp far enough in the past that the next server to check the session
> decided that it was expired.
Well, 20 mins inactivity sounds about 'right', as in, it matches my
experience. seems like a very short timeout, but maybe it's appropriate.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the devel
mailing list