NethSecurity and login session

Yesterday, i logged on my test NethSecurity panel with my phone.
Today i opened same url and i was already logged.
Browser session have a timeout?
Thank you.

The session is based on a JWT token which is is refreshed on every use: nethsecurity-api/middleware/middleware.go at main · NethServer/nethsecurity-api · GitHub

If unused, it will expire after 24 hours.

@edoardo_spadoni please correct me if I’m wrong!


I asked because on ns7 After few minutes of inactivity, i have to login again. I like this behaviour.

1 Like

Same request.
A time out after a few minutes would be great.
No when entering the UI after a few hours when the PC goes in standby mode the network connect is lost i get a lot of connection error in the UI which don’t dissapear.
Need to get my way between the error to logout. Very complicated

Hi @MadPatrick
Sorry, it seems that I don’t get what you mean.
When you get back to the UI, several requests and pooling requests fail (which is intended, since you can’t connect to the firewall anymore when requests are made), and then issues arise when you’re unable to log out?
We might be able to log out the user if we’re unable to reach the firewall endpoint, but I’d consider it a bit too extreme, an accidental logout might happen even if the connection goes down briefly

No probblem.

I try to explain better

When log in in the UI with a PC and after use close the PC to standby the network connect of the PC is closed. Is is in standby mode.
When i start the PC back again from standby mode and then go to the browser, i don’t need to login the UI because is still accesible
Then i see all kinds of error in the UI and they don’t dissapear

I try to make some screenshot when i have them again

Did you try to refresh the page in the browser?

Yes. Multiple times.

Which browser do you use? I use firefox and after standby I’m still logged in without errors…

I’ll check of i can reproduce it in the next days

1 Like

I’ve powered on the PC from standby and opened Chrome.
The i went to the UI and did not need to login. This is then what i see

When i logout and directly login it is ok

Have you tried reloading page ignoring cache?

Reload the current page, ignoring cached content Shift + F5 or Ctrl + Shift + r (or ⌘ + Shift + r)

Yes. I tried to reload it ignoring the cache.

But the main question is, if it is possible the have the UI a time out and auto logoff.
Which is also a good security option

1 Like

Hi @MadPatrick

Sorry but we cannot decrease session duration to a few minutes: it might be good for you, but it wouldn’t provide a good UX for most users.

About your errors on the UI, it looks like you are getting HTTP 403 errors from the backend. Can you have a look inside /var/log/messages and paste the logs relevant to those errors?

Hi Andrea,

I just restored a previous snapshot because of antoher issue with my certificate.
When i have the error again i’ll post the log

Thanks !