Merge pull request #10251 from Security-Onion-Solutions/kilo

Kilo
2026-01-31 12:23:55 +01:00 · 2023-04-28 14:44:25 -04:00
parent 26619e5f8d 03c89a02ad
commit 73aceb9697
2 changed files with 5 additions and 1 deletions
--- a/salt/kratos/defaults.yaml
+++ b/salt/kratos/defaults.yaml
@@ -16,6 +16,7 @@ kratos:
            issuer: Security Onion
      flows:
        settings:
+          privileged_session_max_age: 5m
          ui_url: https://URL_BASE/?r=/settings
          required_aal: highest_available
        verification:
--- a/salt/kratos/soc_kratos.yaml
+++ b/salt/kratos/soc_kratos.yaml
@@ -23,7 +23,6 @@ kratos:
            haveibeenpwned_enabled:
              description: Set to True to check if a newly chosen password has ever been found in a published list of previously-compromised passwords. Requires outbound Internet connectivity when enabled.
              global: True
-              advanced: True
              helpLink: kratos.html
        totp:
          enabled: 
@@ -39,6 +38,10 @@ kratos:
              helpLink: kratos.html
      flows:
        settings:
+          privileged_session_max_age:
+            description: The length of time after a successful authentication for a user's session to remain elevated to a privileged session. Privileged sessions are able to change passwords and other security settings for that user. If a session is no longer privileged then the user is redirected to the login form in order to confirm the security change.
+            global: True
+            helpLink: kratos.html
          ui_url: 
            description: User accessible URL containing the user self-service profile and security settings. Leave as default to ensure proper operation.
            global: True