I’m working on an application over NetOS 6.3.
I set HTTP server session_timeout time, it works.
But if I sets up an external user by
void SpwdSetExternalUser(rpAccess accessCode, spwdPasswordFunction externalHandler);
then HTTP server will not time out.
What is this problem? and how to solve it?
From what I can see, if you choose to handle security externally, security includes timeouts. So you'd have to add a system to your externally handled security component to manage session timeouts.
Thanks your answer, but I still have no idea how to do it.
Could you give me more detail, or some example code?
Unfortunately there is none. The overriding presumption with SpwdSetExternalUser is that you the developer own the entire login/logout process. This includes session timeouts.
So in a nutshell when a users login attempt hits your external handler function, you need a way to track the user and how long that user is logged in. Because handling is done externally, the web server does not have access to authentication details.