Move pending session lifetime to yaml

application/src/main/java/org/thingsboard/server/controller/plugin/TbWebSocketHandler.java

@@ -59,6 +59,7 @@ import org.thingsboard.server.service.ws.WsCommandsWrapper;
 import org.thingsboard.server.service.ws.notification.cmd.NotificationCmdsWrapper;
 import org.thingsboard.server.service.ws.telemetry.cmd.TelemetryCmdsWrapper;
 
+import javax.annotation.PostConstruct;
 import javax.websocket.RemoteEndpoint;
 import javax.websocket.SendHandler;
 import javax.websocket.SendResult;
@@ -104,6 +105,8 @@ public class TbWebSocketHandler extends TextWebSocketHandler implements WebSocke
     private long pingTimeout;
     @Value("${server.ws.max_queue_messages_per_session:1000}")
     private int wsMaxQueueMessagesPerSession;
+    @Value("${server.ws.auth_timeout_ms:10000}")
+    private int authTimeoutMs;
 
     private final ConcurrentMap<String, WebSocketSessionRef> blacklistedSessions = new ConcurrentHashMap<>();
 
@@ -112,8 +115,12 @@ public class TbWebSocketHandler extends TextWebSocketHandler implements WebSocke
     private final ConcurrentMap<UserId, Set<String>> regularUserSessionsMap = new ConcurrentHashMap<>();
     private final ConcurrentMap<UserId, Set<String>> publicUserSessionsMap = new ConcurrentHashMap<>();
 
-    private final Cache<String, SessionMetaData> pendingSessions = Caffeine.newBuilder()
-            .expireAfterWrite(10, TimeUnit.SECONDS)
+    private Cache<String, SessionMetaData> pendingSessions;
+
+    @PostConstruct
+    private void init() {
+        pendingSessions = Caffeine.newBuilder()
+                .expireAfterWrite(authTimeoutMs, TimeUnit.MILLISECONDS)
                 .<String, SessionMetaData>removalListener((sessionId, sessionMd, removalCause) -> {
                     if (removalCause == RemovalCause.EXPIRED && sessionMd != null) {
                         try {
@@ -124,6 +131,7 @@ public class TbWebSocketHandler extends TextWebSocketHandler implements WebSocke
                     }
                 })
                 .build();
+    }
 
     @Override
     public void handleTextMessage(WebSocketSession session, TextMessage message) {

application/src/main/resources/thingsboard.yml

@@ -76,6 +76,8 @@ server:
     max_entities_per_alarm_subscription: "${TB_SERVER_WS_MAX_ENTITIES_PER_ALARM_SUBSCRIPTION:10000}"
     # Maximum queue size of the websocket updates per session. This restriction prevents infinite updates of WS
     max_queue_messages_per_session: "${TB_SERVER_WS_DEFAULT_QUEUE_MESSAGES_PER_SESSION:1000}"
+    # Maximum time between WS session opening and sending auth command
+    auth_timeout_ms: "${TB_SERVER_WS_AUTH_TIMEOUT_MS:10000}"
   rest:
     server_side_rpc:
       # Minimum value of the server-side RPC timeout. May override value provided in the REST API call.