How can I increase maximum lifespan of CloudController tokens?

It appears to be limited to 90 days by default.

Thanks!

  • The max days to live for each token type is capped on the server; there's a file at <ssc exploded war folder>/WEB-INF/internal/serviceContext.xml which stores the configuration related to this.

    For the cloudCtrlToken, the default maxDaysToLive is 90 days, so to change it, open the file mentioned above and search for "cloudCtrlToken", you should see a section like this:

    <bean id="cloudCtrlToken" class="com.fortify.manager.security.ws.AuthenticationTokenSpec">

            <property name="key" value="CloudCtrlToken" />

            <property name="maxDaysToLive" value="90" />

            <property name="actionPermitted">

             ...

    Change the maxDaysToLive value there, save the changes and restart the app server where SSC is running. Then you'll be able to generate a new token with fortifyclient with a days to live value matching the new maximum you've set. Existing tokens won't be modified.

    If the SSC webapp is ever redeployed from the .war the change will be overwitten in the deployed version, so you should either watch out for that or also update that file inside the ssc.war using a zip tool.

    I should point out that these defaults were chosen in order to discourage long lived tokens; you should follow your organization's policies on password / token validity duration and not have a token which is valid forever.

    -Josh

    Fortify L3 support engineer