From 489fb6fb6a95b79da25b46a27e7aa90e74859d25 Mon Sep 17 00:00:00 2001
From: Noureddine Ouaghris <noureddine.ouaghris@teamdlab.com>
Date: Wed, 30 Sep 2020 10:55:34 +0200
Subject: [PATCH] [RABB-856] set ticket expiration to 24 hours

---
 .../src/main/config/iam-internal-application-dev.yml          | 4 ++++
 cas/cas-server/src/main/config/cas-server-application-dev.yml | 4 ++--
 .../src/main/config/cas-server-application-recette.yml        | 4 ++--
 .../roles/vitamui/templates/cas-server/application.yml.j2     | 2 ++
 4 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/api/api-iam/iam-internal/src/main/config/iam-internal-application-dev.yml b/api/api-iam/iam-internal/src/main/config/iam-internal-application-dev.yml
index 1498a407..8734160c 100644
--- a/api/api-iam/iam-internal/src/main/config/iam-internal-application-dev.yml
+++ b/api/api-iam/iam-internal/src/main/config/iam-internal-application-dev.yml
@@ -40,6 +40,10 @@ cas-client:
     truststore:
       key-path: src/main/config/truststore_server.jks
       key-password: changeme
+    keystore:
+      key-path: src/main/config/keystore_iam-internal.jks
+      key-password: changeme
+      type: JKS
     hostname-verification: false
 
 cas.reset.password.url: /cas/extras/resetPassword?username={username}&firstname={firstname}&lastname={lastname}&language={language}&ttl=1day
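Review bot: The added `keystore` block commits a literal `key-password: changeme` and a working-directory-relative `key-path`, and nothing marks either as development-only. The commit subject mentions only the ticket expiration, so a short comment above `keystore:` would record why the block is here, for example `# dev-only client keystore; deployed environments supply path and password from their own secret source`. The `cas-client` mapping starts above this hunk, so it cannot be judged from here whether the other environment files need the same block.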
diff --git a/cas/cas-server/src/main/config/cas-server-application-dev.yml b/cas/cas-server/src/main/config/cas-server-application-dev.yml
index e8539df2..56bcaa34 100644
--- a/cas/cas-server/src/main/config/cas-server-application-dev.yml
+++ b/cas/cas-server/src/main/config/cas-server-application-dev.yml
@@ -73,8 +73,8 @@ cas.authn.surrogate.separator: ","
 cas.authn.surrogate.sms.attributeName: fakeNameToBeSureToFindNoAttributeAndNeverSendAnSMS
 
 
-# 5 minutes cache for login delegation
-cas.ticket.tst.timeToKillInSeconds: 300
+# 24 hours cache for login delegation
+cas.ticket.tst.timeToKillInSeconds: 86400
 
 
 cas.authn.pm.enabled: true
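Review bot: Raising `cas.ticket.tst.timeToKillInSeconds` from 300 to 86400 keeps each transient session ticket valid for 24 hours, so a ticket that is disclosed presumably stays acceptable for a day instead of five minutes. The comment calls this a "cache", which hides that the value is a ticket lifetime. I would write `# transient session ticket (login delegation) lifetime: 24 h; see RABB-856 for why 5 min was too short`. If only one flow needs the longer window, a smaller value that still covers it would limit the exposure. The same setting and comment appear in the cas-server-application-recette.yml hunk and in the application.yml.j2 template hunk.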
diff --git a/cas/cas-server/src/main/config/cas-server-application-recette.yml b/cas/cas-server/src/main/config/cas-server-application-recette.yml
index 0a0f5d98..ebe8ea38 100644
--- a/cas/cas-server/src/main/config/cas-server-application-recette.yml
+++ b/cas/cas-server/src/main/config/cas-server-application-recette.yml
@@ -65,8 +65,8 @@ cas.authn.surrogate.separator: ","
 cas.authn.surrogate.sms.attributeName: fakeNameToBeSureToFindNoAttributeAndNeverSendAnSMS
 
 
-# 5 minutes cache for login delegation
-cas.ticket.tst.timeToKillInSeconds: 300
+# 24 hours cache for login delegation
+cas.ticket.tst.timeToKillInSeconds: 86400
 
 
 cas.authn.pm.enabled: true
diff --git a/deployment/roles/vitamui/templates/cas-server/application.yml.j2 b/deployment/roles/vitamui/templates/cas-server/application.yml.j2
index 2e3bb642..c4eadf07 100644
--- a/deployment/roles/vitamui/templates/cas-server/application.yml.j2
+++ b/deployment/roles/vitamui/templates/cas-server/application.yml.j2
@@ -93,6 +93,8 @@ cas.serviceRegistry.mongo.password: {{ mongodb.cas.password }}
 cas.authn.surrogate.separator: ","
 cas.authn.surrogate.sms.attributeName: fakeNameToBeSureToFindNoAttributeAndNeverSendAnSMS
 
+# 24 hours cache for login delegation
+cas.ticket.tst.timeToKillInSeconds: 86400
 
 cas.authn.pm.enabled: true
 cas.authn.pm.policyPattern: {{ lookup('file', "{{ inventory_dir }}/templates/policy_pattern.regex") }}
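Review bot: The deployment template hard-codes `86400`, while neighbouring settings in this hunk such as `cas.serviceRegistry.mongo.password` are rendered from inventory variables. The key was not set in this part of the template before, so deployments appear to move from the CAS default to 24 hours with no way to tune it per environment. Consider rendering it from a variable with a default, along the lines of `cas.ticket.tst.timeToKillInSeconds: {{ <tst_ttl_variable> | default(86400) }}`, where the variable name is a placeholder for whatever the inventory convention is. That lets production inventories choose a shorter lifetime without editing the role.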
-- 
GitLab