Fix horizon user session timeout

If a horizon user's token expires during long running operations, those operations can fail. This occurred during long running heat operations (eg multiple stack deletions). We correct this by setting the TOKEN_TIMEOUT_MARGIN parameter in local_settings.py. In this way the user will be logged out 10 minutes before the keystone token expires. For clarity, we also set the horizon session to 50 minutes. The keystone token is 60 minutes so this will match the maximum session length. Change-Id: I80912ad3cd198b114a60886e2760f93805562028 Partial-Bug: 1797186 Signed-off-by: David Sullivan <david.sullivan@windriver.com>
2018-10-12 13:24:22 -04:00 · 2018-10-12 13:24:22 -04:00 · 5c0c2057ba
parent 5487646a40
commit 5c0c2057ba
1 changed files with 13 additions and 0 deletions
--- a/openstack/python-horizon/centos/files/local_settings.py
+++ b/openstack/python-horizon/centos/files/local_settings.py
@ -1187,3 +1187,16 @@ LOGGING = {
        },
    },
 }
+
+# Session timeout overrides
+
+# SESSION_TIMEOUT is a method to supersede the token timeout with a shorter
+# horizon session timeout (in seconds).  So if your token expires in 60
+# minutes, a value of 1800 will log users out after 30 minutes
+SESSION_TIMEOUT = 3000
+
+# TOKEN_TIMEOUT_MARGIN ensures the user is logged out before the token
+# expires. This parameter specifies the number of seconds before the
+# token expiry to log users out. If the token expires in 60 minutes, a
+# value of 600 will log users out after 50 minutes.
+TOKEN_TIMEOUT_MARGIN = 600