authelia/test/features
Clement Michaud dacdce6c50 Implement session inactivity timeout
This timeout will prevent an attacker from using a session that has been
inactive for too long.
This inactivity timeout combined with the timeout before expiration makes a
good combination of security mechanisms to prevent session theft.

If no activity timeout is provided, then the feature is disabled and only
session expiration remains as a protection.
2017-10-31 07:27:23 +01:00
..
step_definitions Implement session inactivity timeout 2017-10-31 07:27:23 +01:00
support Check TOTP token with window of 1 2017-10-15 00:44:10 +02:00
access-control.feature Split client and server 2017-10-07 00:49:42 +02:00
auth-portal-redirection.feature Redirect user when he has already validated some factors 2017-10-09 01:07:32 +02:00
authentication.feature Every public endpoints return 200 with harmonized error messages or 401 2017-10-14 11:57:38 +02:00
basic-auth.feature Remove artifacts of only_basic_auth query param 2017-10-09 02:03:05 +02:00
forward-headers.feature Add tests on headers forwarded to backend 2017-10-14 22:11:56 +02:00
redirection.feature Implement session inactivity timeout 2017-10-31 07:27:23 +01:00
regulation.feature Implement session inactivity timeout 2017-10-31 07:27:23 +01:00
reset-password.feature Every public endpoints return 200 with harmonized error messages or 401 2017-10-14 11:57:38 +02:00
resilience.feature Disable second factor for certain subdomain 2017-09-26 23:09:33 +02:00
restrictions.feature Every public endpoints return 200 with harmonized error messages or 401 2017-10-14 11:57:38 +02:00
session-timeout.feature Implement session inactivity timeout 2017-10-31 07:27:23 +01:00