Documentation

15. Changing the Default Timeout for Authentication

Introduced in Ansible Tower 2.4 is a feature which adds an Auth-Token-Timeout to every response that includes a valid user-supplied token. The value of Auth-Token-Timeout is determined by the configuration (time expressed in seconds) of the AUTH_TOKEN_EXPIRATION.

The value of Auth-Token-Timeout indicates the length of time, in seconds, that the supplied token is valid, from the moment the request was initiated.

Create an API settings file (/etc/tower/conf.d/session.py) with the appropriately defined time variable:

AUTH_TOKEN_EXPIRATION = <seconds>  # default 1800

Create a local_settings.json file in /var/lib/awx/public/static/local_settings.json with any necessary settings.

The change from using a local_config.js file, which would overwrite all settings in the config.js file, to using a local_settings.json file, which only overwrites specific settings in the config.js file, was introduced in Ansible Tower version 2.4.

Note

When including a local_settings.json file with specifically configured variables, it will overwrite specific settings in the config.js file.

Tower is designed to look for the config.js file first, ensuring all preset configuration properties are set properly. Once loaded, Tower looks for a file called local_settings.json and checks to see which, if any, settings it should overwrite from config.js. Users can now specify only the properties they want to change.

Note

If you are using the local_settings.js file to configure some of your settings for the UI, you must switch to using the new local_settings.json file. If you do not, your Tower instance will be loaded with the default settings. Custom settings will not appear until you switch to using the new local_settings.json file.

For example, to turn the console debugger on, local_settings.json could contain the following object (no additional variables are needed):

{ "debug_mode" : true}

The variables you can use within the local_settings.json file are as follows:

  • tooltip_delay: {show: 500, hide: 100} – Default number of milliseconds to delay displaying/hiding tooltips
  • debug_mode: false – Enable console logging messages
  • password_length: 8 – Minimum user password length. Set to 0 to not set a limit
  • password_hasLowercase: true – Requires a lowercase letter in the password
  • password_hasUppercase: false – Requires an uppercase letter in the password
  • password_hasNumber: true – Requires a number in the password
  • password_hasSymbol: false – Requires one of these symbols to be in the password: -!$%^&*()_+|~=`{}[]:”;’<>?,./
  • variable_edit_modes: {yaml, json} – Options passed to ControlMirror for editing YAML/JSON variables (see below)
variable_edit_modes: {
           yaml: {
               mode:"text/x-yaml",
               matchBrackets: true,
               autoCloseBrackets: true,
               styleActiveLine: true,
               lineNumbers: true,
               gutters: ["CodeMirror-lint-markers"],
               lint: true
           },
           json: {
               mode: "application/json",
               styleActiveLine: true,
               matchBrackets: true,
               autoCloseBrackets: true,
               lineNumbers: true,
               gutters: ["CodeMirror-lint-markers"],
               lint: true
           }
       }

Note

If you are accessing Tower directly and are having trouble getting your authentication to stay, in that you have to keep logging in over and over, try clearing your web browser’s cache. In situations like this, it is often found that the authentication token has been cached in the browser session and must be cleared.