Overview of session management

Virtual Storage Platform One SDS Block System Administrator Guide

Version
1.16.x
Audience
anonymous
Part Number
MK-24VSP1SDS001-03

A session is connection information between a user and a storage system.

A session can be generated by executing a REST API or CLI for generating a session. You can obtain a token by generating a session.

(Cloud) A session is also generated when Command Control Interface is used as a user interface. In this case, a session always times out in 60 minutes.

The number of sessions that can be generated in the entire storage system is limited. If this limit is exceeded, new sessions can no longer be generated.

When the multi-tenancy function is not used, the upper limit of the number of sessions that can be generated is 64. When the multi-tenancy function is used, the upper limit for the number of sessions that do not belong to a VPS is 64, and the number of sessions that belong to a VPS is 436.

After the upper limit of the number of sessions that can be generated is reached, you can use Basic authentication and ticket authentication. When the upper limit is reached, delete unnecessary sessions or consider using Basic authentication or ticket authentication.

A generated session is deleted when:

  • The session (token) expired.

  • The session has timed out without being used.

  • The cluster master node (primary) has failed over.

  • The session is deleted, the user is edited or deleted, the password is changed, the user is deleted from a user group, or the user group to which the user belongs is edited.

Token expiration time (default: 24 hours) applies to the entire storage system. For details about how to change the token expiration time, see Editing user authentication settings.

You can specify the session timeout time (default: 30 minutes) not only for each session but for the entire storage system. To specify the session timeout time for each session, specify the time when sessions are created. If you omit this specification, the session timeout time will be applied to the entire storage system. For details about how to change the session timeout time of the entire storage system, see Editing user authentication settings.

CAUTION:

If the token obtained by generating a session has leaked out, the VSP One SDS Block might be operated by an unintended third party. Properly manage the obtained token so that it won't be leaked out.