-1

For my application till now i was using Java code for timing out the inactive user session from application. But for the purpose of upgrading it, want to use 389ds LDAP (my application is already integrated with 389ds LDAP).

I don't find any Property related to this in 389ds.

Do anyone has any idea related to this?

pramod_pams
  • 1
  • 1
  • This is entirely unclear. Do you want 389DS to kick your users from your server app? If yes: That doesn't make any sense and it's not an LDAP servers Job. Or do you want to lookup a user-specific timeout value from an LDAP record and use that in your app? – Sven Jul 27 '15 at 10:25
  • I want to specify a timeout value from an LDAP and that should be used in my app to logout iff the user is inactivity for that amount of time. If the user tries to login again after that amount of time, he/she should be re-authenticated. – pramod_pams Jul 27 '15 at 10:33
  • As you can authenticate multiple sessions on multiple machines using LDAP, it does not make any sense to have attributes in the user's record to manage session timeouts. However you could add "session entries" to you LDAP server that you application manages. But then: Why use an LDAP server for that: Can't your application timeout idle sessions? That seems to be the natural way. (389-DS can lock users that did not log in for a while ("idle users", but that's something completely different) – U. Windl Jan 24 '23 at 10:21

1 Answers1

0

That is not an LDAP servers job. It doesn't even have any information about the activity of the user - all you usually use the LDAP server for is to look up user information and possibly authenticate a user.

This assumes your are not writing an LDAP client like Apache Directory Studio.

Sven
  • 98,649
  • 14
  • 180
  • 226