Issue with finding out how to configure ending sessions when users log out of the server

0

Hello, I've recently spun up a video conferencing server on an ubuntu ec2, and currently users that log in to the server can close the window, re-visit the site, and not have to log in again (with limited time). I would like to configure a way in which they would have to re-enter their credentials, and have been having problems finding out to do it within the deployment of the video conferencing server. Is there a way to configure that option within ubuntu itself? For example, a way for ubuntu to just terminate the session when someone navigates away from the server? Or even shorten the time of the session lasting to 0?

posta un anno fa277 visualizzazioni
1 Risposta
1

the duration of sessions and their behavior upon user disconnection is typically managed by the application itself, not the underlying operating system (Ubuntu, in your case). When a user logs in to a web application, a session is created on the server side, and a session identifier is usually sent to the client, which is then stored as a cookie. This session identifier is then sent with each subsequent request to the server to authenticate the user. The server-side session can be configured to expire after a certain period of inactivity, forcing the user to log in again.

For Jitsi: There is an auto-login option in Jitsi's configuration that you can disable to prevent caching of user credentials. You can add the following line to your sip-communicator.properties file (usually located in /etc/jitsi/jicofo/):

org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true

This will disable the auto-login feature, prompting the user to enter their credentials every time they visit the site​.

https://community.jitsi.org/t/default-timeout-for-authenticated-users/17664

For BigBlueButton: I was unable to find explicit information about session timeout configuration within my research time limit. However, for most applications, you can implement a strategy where you set a relatively low timeout for sessions and then have an automated call (like an AJAX request) that "pings" the server at intervals shorter than the session timeout. This keeps the session alive as long as the user's browser is open. If the user closes their browser, the "ping" requests stop and the session will time out and end after the specified period. This might require some custom coding if the application does not already support such a feature​.

https://stackoverflow.com/questions/630625/session-timeout-in-web-applications

profile picture
ESPERTO
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande