CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add privileged session config option to kratos config UI

Browse Source
This commit is contained in:
Jason Ertel
2023-04-28 13:14:30 -04:00
parent 8459054ff8
commit 4c58aa2ccf
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/kratos/defaults.yaml
View File

@@ -5,6 +5,8 @@ kratos:
whoami: whoami:
required_aal: highest_available required_aal: highest_available
selfservice: selfservice:
settings:
privileged_session_max_age: 5m
methods: methods:
password: password:
enabled: true enabled: true

6
salt/kratos/soc_kratos.yaml
View File

@@ -12,6 +12,11 @@ kratos:
advanced: True advanced: True
helpLink: kratos.html helpLink: kratos.html
selfservice: selfservice:
settings:
privileged_session_max_age:
description: The length of time after a successful authentication for a user's session to be elevated to a privileged session. Privileged sessions are able to change passwords and MFA settings for that user. If a session is no longer privileged then the user is sent to the login form first, before the security settings can be adjusted.
global: True
helpLink: kratos.html
methods: methods:
password: password:
enabled: enabled:
@@ -23,7 +28,6 @@ kratos:
haveibeenpwned_enabled: haveibeenpwned_enabled:
description: Set to True to check if a newly chosen password has ever been found in a published list of previously-compromised passwords. Requires outbound Internet connectivity when enabled. description: Set to True to check if a newly chosen password has ever been found in a published list of previously-compromised passwords. Requires outbound Internet connectivity when enabled.
global: True global: True
advanced: True
helpLink: kratos.html helpLink: kratos.html
totp: totp:
enabled: enabled: