[SERVER-12418] Add support for session timeouts Created: 21/Jan/14  Updated: 06/Dec/22  Resolved: 24/Sep/19

Status: Closed
Project: Core Server
Component/s: Networking, Security
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Andreas Nilsson Assignee: Backlog - Security Team
Resolution: Duplicate Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
is duplicated by SERVER-33749 Configurable Idle Connection Timeout ... Closed
Assigned Teams:
Server Security

 Description   

Add the option of a server-wide session timeout for authenticated user sessions from the shell and other drivers.

The authenticated session would be automatically terminated after the specified time. It could be easily implemented without a timer or extra thread by simply checking the time of the last activity of that specific user when authorizing an action.

Default would be timeout = 0 which implies infinite timeout.



 Comments   
Comment by Spencer Jackson [ 24/Sep/19 ]

The request for this functionality came up again in SERVER-33749, where code was committed to the shell. I'm closing this ticket as a duplicate.

Comment by Matt Lord (Inactive) [ 23/Feb/18 ]

Is this still relevant in 3.6+, with the addition of logical session timeouts? If so, we need to clarify what's still missing in the known user stories and use cases.

Comment by Andy Schwerin [ 21/Jan/14 ]

The challenge with timeouts is giving a signal to the driver so it knows when to reauthenticate. Getting a "not authorized" message is ambiguous, and can only be resolved by getting the result of connectionStatus on the connection. Instead, the first not-authorized operation after an auth session timeout could return "credentials expired", giving the client driver a chance to transparently reauthenticate. There's still probably more work to do in the driver than in server, though.
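
A sketch of the two ideas in this thread, added here as an example and not MongoDB server or driver code: the lazy last-activity check from the description, and the one-time "credentials expired" signal from the comment above. The names `AuthSessions`, `Result` and `run_with_reauth` are hypothetical, and credential verification is assumed to have already succeeded.

```python
import time
from enum import Enum


class Result(Enum):
    OK = "ok"
    NOT_AUTHORIZED = "not authorized"
    CREDENTIALS_EXPIRED = "credentials expired"


class AuthSessions:
    """Hypothetical per-connection auth state with a lazy idle timeout."""

    def __init__(self, timeout_secs=0, clock=time.monotonic):
        self.timeout_secs = timeout_secs  # 0 implies infinite timeout
        self.clock = clock                # monotonic: immune to wall-clock changes
        self._last_activity = {}          # conn_id -> time of last authorized action

    def authenticate(self, conn_id):
        # Assumption: the credential check itself happened before this call.
        self._last_activity[conn_id] = self.clock()

    def authorize(self, conn_id):
        now = self.clock()
        last = self._last_activity.get(conn_id)
        if last is None:
            return Result.NOT_AUTHORIZED
        # No timer or extra thread: expiry is evaluated only when an action
        # is authorized, by comparing against the last recorded activity.
        if self.timeout_secs > 0 and now - last > self.timeout_secs:
            del self._last_activity[conn_id]
            # Distinct signal, returned once, so the driver can tell an
            # expired session apart from a plain authorization failure.
            return Result.CREDENTIALS_EXPIRED
        self._last_activity[conn_id] = now
        return Result.OK


def run_with_reauth(sessions, conn_id, reauthenticate):
    """Driver-side sketch: reauthenticate transparently, then retry once."""
    result = sessions.authorize(conn_id)
    if result is Result.CREDENTIALS_EXPIRED:
        reauthenticate(conn_id)
        result = sessions.authorize(conn_id)
    return result
```

Because the check is lazy, an idle session's state stays in memory until the next action on that connection or until the connection closes; the timeout bounds when the session stops being usable, not when it is cleaned up.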

Generated at Thu Feb 08 03:28:29 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.