The following configurations in application.conf improve API performance by speeding up cache clearance.
- This configuration writes the activity logs to MongoDB (applies to Ambience only):
ambience.activity-log {
  enabled: true
  expiry: 2 hours
}
Clean up expired temporary cache in the Repertoire/Ambience server every 12 hours (default is 1 week).
- Add the following; the default is 7 days, revised here to 12 hours:
ambience.session-cleaner {
  expiry: 12 hours
}
The following configuration will log out any inactive user from the web console page after 15 minutes of inactivity.
- For inactive user sessions, change the configuration setting “session-timeout = 60 minutes” to 15 minutes:
ambience.web {
  url = ${external-protocol}"//"${external-host}":"${external-port}
  root = "web"
  default-url: "/service-chooser/per-user-landing-page.html"
  default-per-user-url: "/service-chooser/index.html"
  session-timeout = 60 minutes
  enforce-single-session = true
  response-headers {
    # any of these can be overridden either by supplying an alternate string, or else "" to turn the header off
    X-XSS-Protection = "1; mode=block"
    X-Frame-Options = "SAMEORIGIN"
    X-Content-Type-Options = "nosniff"
    Cache-Control = "max-age=0, must-revalidate"
    # ONLY enable this if all present and future subdomains will be HTTPS!
    #Strict-Transport-Security = "max-age=31536000; includeSubDomains"
  }
}
The following setting controls how long the SSO cookie remains valid. A longer duration means users can stay authenticated without needing to log in again.
- Revise the following ‘session-length’ value to a shorter duration, e.g. from 1 minute to 30 seconds:
elixir.sso.server {
  cookie-name = "elxsso"
  https.enabled = ${ambience.https.enabled}
  # this controls how long the sso cookie remains active - it should be short if enforce-single-session is enabled, else the expired
  # ambience session will be immediately and silently re-approved, circumventing enforce-single-session
  session-length = 1 minute
  # this controls how long the login form is considered valid once shown on the screen
  max-login-delay = 5 minutes
  user-database = "ambience.simplesso.IdentityUserDB"
  client-database = "ambience.simplesso.SimpleClientDB"
}
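A small audit of the session-timeout and session-length settings described above, as an added example that is not part of the original page or of the product: it flattens the subset of application.conf syntax shown here and flags values above the 15 minutes and 30 seconds this page recommends. The function names, the LIMITS table and the sample input are assumptions made for illustration.

```python
import re

UNITS = {"second": 1, "minute": 60, "hour": 3600, "day": 86400, "week": 604800}
SSO_KEY = "elixir.sso.server.session-length"
# Upper bounds in seconds, taken from the values this page recommends (assumed policy).
LIMITS = {"ambience.web.session-timeout": 15 * 60, SSO_KEY: 30}

def flatten(text):
    """Flatten the config subset shown on this page into {dotted.path: value}."""
    path, out = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        if line.endswith("{"):
            path.append(line[:-1].strip())  # entering a block
        elif line == "}":
            path.pop()  # leaving a block
        else:
            key, value = re.split(r"\s*[=:]\s*", line, maxsplit=1)
            out[".".join(path + [key])] = value.strip('"')
    return out

def seconds(value):
    """Convert a duration such as '15 minutes' or '1 hour' to seconds."""
    number, unit = value.split()
    return int(number) * UNITS[unit.rstrip("s")]

def audit(text):
    """Return findings for audited keys that are missing or above their limit."""
    cfg = flatten(text)
    over = [k for k in LIMITS if k in cfg and seconds(cfg[k]) > LIMITS[k]]
    findings = [f"{k}: {cfg[k]} exceeds {LIMITS[k]}s" for k in over]
    findings += [f"{k}: not set in this file" for k in LIMITS if k not in cfg]
    # Per the comment in elixir.sso.server: a long-lived SSO cookie silently
    # re-approves an expired session, circumventing enforce-single-session.
    if SSO_KEY in over and cfg.get("ambience.web.enforce-single-session") == "true":
        findings.append("enforce-single-session: circumvented by the long SSO cookie")
    return findings

# Constructed sample: the page's blocks reduced to the audited keys.
SAMPLE = """ambience.web {
  session-timeout = 60 minutes
  enforce-single-session = true
}
elixir.sso.server {
  session-length = 1 minute
}"""
```

Calling audit(SAMPLE) reports both durations and the single-session interaction; the same text with 15 minutes and 30 seconds returns no findings.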