auth_digest_timeout
Specifies the timeout period for digest authentication sessions in NGINX.
Description
The auth_digest_timeout directive sets the maximum duration for a digest authentication session. When a user authenticates, this timeout defines how long the session remains valid before the user must re-authenticate. The timeout is specified in seconds and directly influences session management within the server for authenticated users.
This directive can be configured in the http, server, or location contexts, allowing for flexibility in how it's applied across various parts of the server configuration. For instance, a higher timeout can enhance user experience by reducing the frequency of re-authentication, while a lower timeout increases security by ensuring that sessions expire more quickly. An appropriate balance must be struck, taking into account both usability and security needs. If the timeout is not explicitly set, it will default to a server-defined setting based on parameters from other configuration sections.
Config Example
location /protected {
    auth_digest "Restricted Area";
    # Digest user/password file; the module's directive for this is auth_digest_user_file
    auth_digest_user_file /etc/nginx/digest_salt;
    auth_digest_timeout 120;
}
Setting a very high timeout can expose the server to potential security threats if credentials are compromised.
If not set, the default value of 60 seconds may result in frequent re-authentication requests, leading to a poor user experience.
Ensure the timeout value is appropriate for the context in which it's applied; different contexts may require different strategies for user authentication.
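To show what a digest timeout does on the server side, here is an added example (not code from the module or from this page): a simplified Python model of an RFC 7616 style check that stamps each nonce with its issue time and answers "stale" once the nonce is older than the timeout. The function names, the SECRET value and the sample credentials used with it are constructed; TIMEOUT and REALM mirror the config example above.

```python
import hashlib
import hmac

TIMEOUT = 120  # seconds; same value as auth_digest_timeout in the config example
REALM = "Restricted Area"
SECRET = b"constructed-demo-secret"  # constructed; a real server keeps its own key


def md5(text):
    return hashlib.md5(text.encode()).hexdigest()


def _mac(ts):
    # Binds the timestamp to this server so a client cannot mint fresh nonces.
    return hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()[:16]


def issue_nonce(now):
    """Nonce carries its own issue time, so age can be checked without state."""
    return f"{now}:{_mac(str(now))}"


def client_response(user, password, nonce, method, uri, nc="00000001", cnonce="abc"):
    """Response a client computes for qop=auth with the MD5 algorithm."""
    ha1 = md5(f"{user}:{REALM}:{password}")
    ha2 = md5(f"{method}:{uri}")
    return md5(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


def check(ha1, nonce, response, method, uri, now, nc="00000001", cnonce="abc"):
    """Return 'ok', 'stale' (valid digest, expired nonce) or 'denied'."""
    ts, _, mac = nonce.partition(":")
    if not (ts.isascii() and ts.isdigit()):
        return "denied"  # malformed nonce
    if not hmac.compare_digest(mac.encode(), _mac(ts).encode()):
        return "denied"  # nonce was not issued by this server
    expected = md5(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{md5(f'{method}:{uri}')}")
    if not hmac.compare_digest(response.encode(), expected.encode()):
        return "denied"  # wrong credentials: never reported as merely stale
    if now - int(ts) > TIMEOUT:
        return "stale"  # server would send a new challenge with stale=true
    return "ok"
```

The digest is verified before the age check so that "stale" is only ever returned to a client that already proved knowledge of the password, which is the condition RFC 7616 attaches to stale=true.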