Reduce session timeout to 30 minutes
This reduces our web session timeout to 30 minutes per
NIST guidelines:
"Reauthentication of the subscriber SHALL be repeated following
any period of inactivity lasting 30 minutes or longer."
https://pages.nist.gov/800-63-3/sp800-63b.html
Change-Id: Icb600b5bc026107f582bc93be355bc5e2b46677d
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
diff --git a/include/sessions.hpp b/include/sessions.hpp
index a448b24..b0d6ca7 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -412,7 +412,7 @@
AuthConfigMethods authMethodsConfig;
private:
- SessionStore() : timeoutInSeconds(3600)
+ SessionStore() : timeoutInSeconds(1800)
{}
};