CloudShark 3.2 introduced much-needed Administrator controls over the default cookie settings used to log users into the web application. This guide will go over the available options and how to configure them.
We discovered during development that it was very easy to lock yourself and everybody else out of CloudShark. For that reason, we decided to make these options only accessible to the Administrator via SSH console access.
All options are configured in the YAML config file located on the server at
/var/www/cloudshark/shared/config/cloudshark.conf. This file is loaded
when CloudShark starts up, so for changes to take effect the CloudShark service
will need to be restarted by running (as root):
service cloudshark restart
Verify your changes still allow you to log in to CloudShark before disconnecting from the SSH session. If you continue to have any issues logging into CloudShark, please contact email@example.com for help.
The duration of a login session is controlled by the configuration variable
session_lifetime_seconds. This is an integer value in seconds. If this
value is set to 0 (zero) the cookie is set as a “session cookie” which will
expire immediately when the user closes their browser.
The default cookie expiration is 24 hours, or 86,400 seconds.
If for some reason you need to force all of your users to log out, simply restart the CloudShark service on your appliance.
If CloudShark has been configured to run over HTTPS and HTTP access has been disabled, we strongly recommend you enable Secure Cookies to prevent unintended transmission of the cookie over an unencrypted connection.
When secure_cookies is set to “yes” in the config file, cookies will have the
secure flag enabled and will not be transmitted via HTTP.
In this scenario, it will be impossible to log in via HTTP. The login page will warn you if you are attempting to log in via HTTP and Secure Cookies are turned on.
You may also need to delete any existing cookies that were set before this flag was enabled.
For environments where strict cookie policies are in place, you may explicitly set your
default_cookie_domain to match your host and domain name. For this to work correctly,
the cookie domain must match the DNS name used to access CloudShark.
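One way to check the three settings after a restart is to compare the Set-Cookie header returned at login with what you configured. The script below is an added example, not part of CloudShark; the cookie name, value, host name and sample headers are constructed, and the function names are hypothetical.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, value, attrs); attribute names are lowercased."""
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, value, attrs

def audit_cookie(header, host, lifetime, https_only, now, slack=120):
    """Return a list of mismatches between a Set-Cookie header and the intended settings."""
    _, _, attrs = parse_set_cookie(header)
    problems = []
    # secure_cookies: the Secure attribute should be present on an HTTPS-only install.
    if https_only and "secure" not in attrs:
        problems.append("Secure flag missing")
    # default_cookie_domain: a browser drops the cookie unless the host equals the
    # Domain attribute or is a subdomain of it (RFC 6265 domain matching).
    domain = attrs.get("domain", "").lstrip(".").lower()
    if domain and host.lower() != domain and not host.lower().endswith("." + domain):
        problems.append(f"Domain {domain!r} does not match host {host!r}")
    # session_lifetime_seconds: 0 means a session cookie with no expiry attribute.
    if "max-age" in attrs:
        remaining = int(attrs["max-age"])
    elif "expires" in attrs:
        remaining = int((parsedate_to_datetime(attrs["expires"]) - now).total_seconds())
    else:
        remaining = None
    if lifetime == 0 and remaining is not None:
        problems.append("expected a session cookie but an expiry is set")
    elif lifetime > 0 and remaining is None:
        problems.append("expected an expiry but got a session cookie")
    elif lifetime > 0 and abs(remaining - lifetime) > slack:
        problems.append(f"lifetime is {remaining}s, expected {lifetime}s")
    return problems

# Constructed sample headers (cookie name, value and host are made up).
NOW = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
GOOD = "_session=abc123; domain=cloudshark.example.com; path=/; expires=Tue, 02 Jan 2024 12:00:00 GMT; secure; HttpOnly"
BAD = "_session=abc123; domain=example.org; path=/; HttpOnly"

if __name__ == "__main__":
    print(audit_cookie(GOOD, "cloudshark.example.com", 86400, True, NOW))
    print(audit_cookie(BAD, "cloudshark.example.com", 86400, True, NOW))
```

An empty list means the header agrees with the settings you passed in; each string in a non-empty list names one setting to recheck in the config file.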