This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository
https://gitbox.apache.org/repos/asf/ofbiz-framework.gitThe following commit(s) were added to refs/heads/trunk by this push:
new 98f6d7e Improved: Internal SSO: adds more time to compensate for possible time difference
98f6d7e is described below
commit 98f6d7ea8d5527ed7cee42fe39a3922875e00a2d
Author: Jacques Le Roux <
[hidden email]>
AuthorDate: Wed Apr 15 15:08:43 2020 +0200
Improved: Internal SSO: adds more time to compensate for possible time difference
---
.../common/src/main/java/org/apache/ofbiz/common/CommonEvents.java | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
index 9a48d62..76aa710 100644
--- a/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
+++ b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
@@ -402,9 +402,11 @@ public class CommonEvents {
String securedUserLoginId = LoginWorker.getSecuredUserLoginId(request);
if (securedUserLoginId != null) {
types.put("userLoginId", securedUserLoginId);
- // 10 seconds seems plenty enough OOTB. Custom projects might want set a lower value.
+ // 30 seconds seems plenty enough OOTB to compensate for possible time difference
+ // If you cross issue with this value you should use the same NTP server for both sides
+ // Custom projects might want set a lower value for security reason
int ttlSeconds = (int) Long.parseLong(EntityUtilProperties.getPropertyValue("security",
- "security.jwt.token.expireTime", "10", delegator));
+ "security.jwt.token.expireTime", "30", delegator));
String token = JWTManager.createJwt(delegator, types, ttlSeconds);
writeJSONtoResponse(JSON.from(token), request, response);
} else {
Locked
