Forum Discussion
Lucas_Thompson_
Jan 11, 2016Historic F5 Account
From APM's perspective, you can simply adjust the idle timeout to > 30 mins. Unfortunately APM don't have timeout control over:
Horizon View Client
VMWare Server
Citrix Presentation Server
Citrix Receiver Client
So these things may have their own timeouts that must be adjusted for your whole use case to work. Your best bet is to perform some testing around it to see what works.
- Inet_TeamJan 13, 2016NimbostratusThat would mean that a client needs to be idle. What I want/need is that the webtop needs a re-auth after a certain time. But without losing your session. So imagine you are logged in on the APM webtop at 9:00 and started your vmware sessions, 15 min later you need a citrix connection, Go back to the webtop and I would like that the user would have to do at least a partial re-auth to be able to start something new from the webtop. Without losing the current session to vmware. See it as a lock-screen, a screensaver if you will Is that possible ?
- Lucas_Thompson_Jan 13, 2016Historic F5 AccountThere is a reauthentication timeout function but it doesn't work how you describe. If the user is idle, the session is expired and if the reauth timeout is exceeded, same thing. As a gateway device, The headroom required to store a lot of idle user data like this would be too expensive. It sounds like what you said, a basic lock screen on the workstation which is usually implemented as a group policy setting on a managed PC.
- Jeroen_131594Jan 13, 2016NimbostratusFor example : User connected to APM and VDI session VDI session will go into screensaver/lock mode within 5 min of no activity. But... by just closing the VDI session (either HTML5 or the Horizon client) and restarting it from the webtop will relogin and the desktop is accessible again. It is not idle user data, the user has a viable session to anything. It's just the APM webtop that needs a lock/screensaver mode. It should still invalidate the session after the max time allowed, even when used. But a function to require re-authentication for using the webtop after let's say 5 mins after the last click would be something making the webtop a lot more secure.