XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Xen-Orchestra Auto-Logout

    Scheduled Pinned Locked Moved Management
    4 Posts 3 Posters 199 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K Offline
      KPS Top contributor
      last edited by

      Hi!

      I want to have an auto-logout in Xen-Orachestra. I can see, that logged-on sessions, that are lasting over days are filling the memory of the XOA VM, until issues are starting.

      What I found in your git is:

       [authentication] 
       # Default to `maxTokenValidity` 
       #permanentCookieValidity = '30 days' 
        
       # Default to `undefined`, ie as long as the browser is not restarted 
       # 
       # https://developer.mozilla.org/fr/docs/Web/HTTP/Headers/Set-Cookie#Session_cookie 
       #sessionCookieValidity = '10 hours' 
      

      ...but I do not really understand the difference between permanentCookieValidity and sessionCookieValidity. Which one do I have to set, to force user logoffs after 12h, when a user does keep the browser open, when leaving the office?

      Thank you for your help
      KPS

      D 1 Reply Last reply Reply Quote 0
      • D Offline
        DustinB @KPS
        last edited by

        @KPS this would be for the session, the question I have is what issues are you experiencing?

        K 1 Reply Last reply Reply Quote 0
        • K Offline
          KPS Top contributor @DustinB
          last edited by

          @DustinB
          When a browser is open for some days, the process is using more and more memory, until it reaches the memory limit. If nobody is logged in, that is happening much slower.
          Currently, my limit is 8GB:

          c8d1cda2-e303-4527-8bf8-1affaa338095-image.png

          When that limit is reached, strange things begin to happen:

          • API-requests are timing out
          • Backup-jobs are failing
            ...until the process is restarted.

          About the original question:

          sessionCookieValidity = '12 hours'
          

          should fit?

          Bastien NolletB 1 Reply Last reply Reply Quote 0
          • Bastien NolletB Offline
            Bastien Nollet Vates 🪐 XO Team @KPS
            last edited by

            Hi @KPS ,

            The difference between these two settings is that sessionCookieValidity determines the time before a user gets disconnected if they did not check the "Remember me" option, and permanentCookieValidity determines this when this option was checked.

            If you want to force users to be disconnected after 12 hours regardless of how they connected, I think you need to set both sessionCookieValidity = '12 hours' and permanentCookieValidity = '12 hours'.

            However, this memory increase you're experiencing is intriguing, it is not an intended behaviour.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post