Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

CSRF token.json Request Keeps Session Alive

Avatar

Level 1

I am setting the session timeout to 15 minutes (via the Apache Felix Jetty Based Http Service configuration).  However, the call to /libs/granite/csrf/token.json every 5 minutes seems to be keeping it active.  Should I adjust how often token.json is called?

1 Reply

Avatar

Employee Advisor

You can configure CSRF token validation using a osgi property at [1]. It can give you the expiration time with csrf.token.expires.in property.

 

[1] - com.adobe.granite.csrf.impl.CSRFServlet