Issue with finding out how to configure ending sessions when users log out of the server

0

Hello, I've recently spun up a video conferencing server on an ubuntu ec2, and currently users that log in to the server can close the window, re-visit the site, and not have to log in again (with limited time). I would like to configure a way in which they would have to re-enter their credentials, and have been having problems finding out to do it within the deployment of the video conferencing server. Is there a way to configure that option within ubuntu itself? For example, a way for ubuntu to just terminate the session when someone navigates away from the server? Or even shorten the time of the session lasting to 0?

feita há um ano276 visualizações
1 Resposta
1

the duration of sessions and their behavior upon user disconnection is typically managed by the application itself, not the underlying operating system (Ubuntu, in your case). When a user logs in to a web application, a session is created on the server side, and a session identifier is usually sent to the client, which is then stored as a cookie. This session identifier is then sent with each subsequent request to the server to authenticate the user. The server-side session can be configured to expire after a certain period of inactivity, forcing the user to log in again.

For Jitsi: There is an auto-login option in Jitsi's configuration that you can disable to prevent caching of user credentials. You can add the following line to your sip-communicator.properties file (usually located in /etc/jitsi/jicofo/):

org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true

This will disable the auto-login feature, prompting the user to enter their credentials every time they visit the site​.

https://community.jitsi.org/t/default-timeout-for-authenticated-users/17664

For BigBlueButton: I was unable to find explicit information about session timeout configuration within my research time limit. However, for most applications, you can implement a strategy where you set a relatively low timeout for sessions and then have an automated call (like an AJAX request) that "pings" the server at intervals shorter than the session timeout. This keeps the session alive as long as the user's browser is open. If the user closes their browser, the "ping" requests stop and the session will time out and end after the specified period. This might require some custom coding if the application does not already support such a feature​.

https://stackoverflow.com/questions/630625/session-timeout-in-web-applications

profile picture
ESPECIALISTA
respondido há um ano

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas