Linux Administration

Cookies

2 min read

The default cookie settings in CloudShark allow users to remain logged in for 24 hours. CloudShark allows the administrator to configure how long the cookie is valid for as well as the value of the secure flag and the default cookie domain.

Config File

All options are configured in the YAML config file located on the server at /var/www/cloudshark/shared/config/cloudshark.conf. This file is loaded when CloudShark starts up, so for changes to take affect the CloudShark service will need to be restarted by running (as root):

service cloudshark restart

Verify your changes still allow you to log-in to CloudShark before disconnecting from the SSH session. If you continue to have any issues logging into CloudShark, please contact support@cloudshark.io for help.

The duration of a login session is controlled by the configuration variable named session_lifetime_seconds. This is an integer value in seconds. If this value is set to 0 (zero) the cookie is set as a “session cookie” which will expire immediately when the user closes their browser.

The default cookie expiration is 24 hours, or 86,400 seconds.

If for some reason you need to force all of your users to log-out, simply restart the CloudShark service on your appliance.

Secure Flag

If CloudShark has been configured to run over HTTPS and HTTP access has been disabled, we strongly recommend you enable Secure Cookies to prevent unintended transmission of the cookie over an unencrypted connection.

By setting secure_cookies to “yes” in the config file, Cookies will have the secure flag enabled and will not be transmitted via HTTP.

In this scenario, it will be impossible to log in via HTTP. The login page will warn you if you are attempting to login via HTTP and Secure Cookies are turned on.

You may also need to delete any existing cookies that were set before this flag was enabled.

For environments where strict cookie policies are in place, you may explicitly set your default_cookie_domain to match your host and domain name. For this to work correctly, the cookie domain must match the DNS name used to access CloudShark.