Third Light Developer Exchange

Code and templating community forum for developers and software integrators

You are not logged in.

Announcement

If you wish to join the Developer Exchange, please contact your account manager - this is to avoid unnecessary spam in the forums. Many thanks for your understanding.

#1 2015-07-29 22:45:49

mdyason
Member
Registered: 2015-01-20
Posts: 43

What happens to persistent logins that never log out

We updated our dev server recently from IMS version 6.1.7-21 to version 6.1.8-8 RC.  We are using the persistent login with API key.  Every time our messaging service logs in to do an upload or ask for data, we get a different session key.  Our developers were assuming that once a persistent login was made - they would keep getting the same session key.  So what is now happening is that we have made lots of persistent logins and no logouts.  Our developers machine can no longer do uploads but can do anything else after the login.  (Interesting is that the message he gets back on upload is that the upload failed, but the file actually does upload OK.)  Switching to a different computer - it works again - logging in with same API key. 
What eventually happens to those sessions?  Is there a way we could kill/log out of all sessions?  How many open sessions can we have?  Have you thought through any way of identifying idle sessions and possibly then applying a time rule?

Offline

#2 2015-07-30 10:51:09

chris
Third Light Staff
Registered: 2015-01-06
Posts: 4

Re: What happens to persistent logins that never log out

Hi mdyason,

Every time you call Core.LoginWithKey you will get a new session key, this is akin to logging in in your browser. If you want to tidy up the unused sessions, then you can do a Core.Logout() after you have finished using the session, however not doing so won't be a problem at all (we wouldn't expect any performance or security issues, even if you had millions of orphaned sessions).

With regards to your developer's upload problem, could you let us know the sequence of API requests (including the parameters/values) that are being made?

Cheers,

Chris

Offline

#3 2015-08-20 15:09:36

dominic
Third Light Staff
Registered: 2013-06-06
Posts: 96

Re: What happens to persistent logins that never log out

Hi,

This also relates to: https://secure.thirdlight.com/developer … php?id=133

To summarise, going forward persistent login sessions will expire after two weeks of inactivity.

Dominic

Offline

Board footer