view mod_s2s_idle_timeout/README.markdown @ 5626:a44af1b646f5

mod_http_oauth2: Optionally enforce authentication on revocation endpoint But why do OAuth require this? If a token leaks, why couldn't anyone revoke it?
author Kim Alvefur <zash@zash.se>
date Mon, 31 Jul 2023 02:07:58 +0200
parents 4d73a1a6ba68
children
line wrap: on
line source

---
labels:
- 'Stage-Stable'
summary: 'Close idle server-to-server connections'
...

Introduction
============

Some people find it preferable to close server-to-server connections
after they have been silent for a while.

Configuration
=============

...is trivial. The default timeout is 300 seconds (5 minutes). To change
this simply put in the config:

       s2s_idle_timeout = 60 -- or any other number of seconds

Compatibility
=============

  ----- -------
  0.6   Works
  0.7   Works
  ----- -------