Login Parameters

edcapulong · October 24, 2023, 8:40am

Hi!

How do you define the login parameters in order to throttle login attempts in Camunda Platform Run?

I saw there are provisions, but are there examples how we can declare this in the production.yml file?

Thank you!

WilliamR.Alves · October 24, 2023, 12:47pm

Hello my friend!
perhaps this help you:

in your application.properties:

camunda.webapp.security.loginMaxAttempts=5

in your production.yml:

camunda:
  webapp:
    security:
      loginMaxAttempts: 5

I hope this helps!

William Robert Alves

edcapulong · October 25, 2023, 1:51am

Hi @WilliamR.Alves

Thank you for the response! will try this immediately and let you know.

I have another question, do you by chance know how to set a session timeout in Camunda Platform run, production.yml?

Thank you!

WilliamR.Alves · October 25, 2023, 5:03am

Hello my friend!!

In Springboot 2.0 + the properties are as follows: (remembering that the embedded tomcat does not allow you to set a time lower than 60 seconds if I’m not mistaken).

application.properties:
server.servlet.session.timeout=1500

production.yml

server:
  servlet:
    session:
      timeout: 1500

In Springboot 1.0 the property did not have the “servlet”… in other words, it was just: server.session.timeout=1500

i hope this helps!

William Robert Alves

edcapulong · October 25, 2023, 6:53am

Hi @WilliamR.Alves

Thank you for the reply, just to be sure, the expected behavior with the session timeout is that if the current session is idle for the set # of seconds, the session will automatically terminate and logout the currently logged in user, correct?

I have this in my configuration, but it does not seem to work, would you have any idea why?

server:
  servlet:
    session:
      timeout: 120
      cookie:
        secure: true
        http-only: true

I am currently using Camunda Platform Run 7.16

Thank you so much!!

WilliamR.Alves · October 25, 2023, 12:59pm

Are you using a tomcat?

edcapulong · October 25, 2023, 1:18pm

Hi @WilliamR.Alves

I’m using spring boot. For camunda platform run.

Thank you

WilliamR.Alves · October 25, 2023, 2:02pm

I was doing some research to understand what your problem could be… and I found Camunda’s own documentation stating that the session timeout configuration needs to be done in web.xml.

Continuing my search to help you… I found this post and I imagine it is what you need to solve the problem.

Link below

Java Session Timeout | Baeldung.

William Robert Alves

system · November 1, 2023, 2:03pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.