Skip to content

Commit

Permalink
pkp/pkp-lib#8543 improve session_check_ip and validation_timeout desc…
Browse files Browse the repository at this point in the history
…riptions
  • Loading branch information
kaitlinnewson committed Sep 25, 2024
1 parent 71c5173 commit bc6142c
Showing 1 changed file with 5 additions and 7 deletions.
12 changes: 5 additions & 7 deletions config.TEMPLATE.inc.php
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@
; base_url[myJournal] = http://www.myUrl.com/myJournal
; base_url[myOtherJournal] = http://myOtherJournal.myUrl.com

; Generate RESTful URLs using mod_rewrite. This requires the
; Generate RESTful URLs using mod_rewrite. This requires the
; rewrite directive to be enabled in your .htaccess or httpd.conf.
; See FAQ for more details.
restful_urls = Off
Expand Down Expand Up @@ -253,8 +253,9 @@
force_login_ssl = Off

; This check will invalidate a session if the user's IP address changes.
; Enabling this option provides some amount of additional security, but may
; cause problems for users behind a proxy farm (e.g., AOL).
; Enabling this option provides some additional security, but may cause
; login problems for some users (e.g. if a user IP is changed frequently
; by a server or network configuration).
session_check_ip = On

; The encryption (hashing) algorithm to use for encrypting user passwords
Expand All @@ -279,11 +280,9 @@
allowed_html = "a[href|target|title],em,strong,cite,code,ul,ol,li[class],dl,dt,dd,b,i,u,img[src|alt],sup,sub,br,p"

;Is implicit authentication enabled or not

;implicit_auth = On

;Implicit Auth Header Variables

;implicit_auth_header_first_name = HTTP_GIVENNAME
;implicit_auth_header_last_name = HTTP_SN
;implicit_auth_header_email = HTTP_MAIL
Expand All @@ -296,7 +295,6 @@
;implicit_auth_admin_list = "[email protected] [email protected]"

; URL of the implicit auth 'Way Finder' page. See pages/login/LoginHandler.inc.php for usage.

;implicit_auth_wayf_url = "/Shibboleth.sso/wayf"


Expand Down Expand Up @@ -375,7 +373,7 @@
; If enabled, email addresses must be validated before login is possible.
require_validation = Off

; Maximum number of days before an unvalidated account expires and is deleted
; The number of days a user has to validate their account before their access key expires.
validation_timeout = 14


Expand Down

0 comments on commit bc6142c

Please sign in to comment.