Updated on 2024-11-29 GMT+08:00

Resetting Sessions During Secondary Authentication Configuration

Scenario

Users must pass secondary authentication before they perform important operations. You can enable session reset during secondary authentication so that the original session is invalidated.

If a session is hijacked before secondary authentication, resetting the session terminates the hijacking and reduces loss to users.

By default, resetting sessions during secondary authentication is disabled. You can enable the function by following the instructions provided in this section.

After this function is enabled, the session is reset when you enter and confirm the password for secondary authentication. Because the heartbeat interface session is reset, you are redirected to the login page. In this case, log in again.

Procedure

  1. Log in to the active management node as user omm.
  2. Run the following command to modify the configuration:

    vi ${BIGDATA_HOME}/om-server/tomcat/webapps/web/WEB-INF/classes/config/web_security.properties

    Set second_auth_need_refresh_session to true.

  3. Run the following command to restart Tomcat:

    sh ${BIGDATA_HOME}/om-server/tomcat/bin/shutdown.sh;sh ${BIGDATA_HOME}/om-server/tomcat/bin/startup.sh

  4. Log in to the standby management node as user omm and perform the operations in step 2.
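
The edit in step 2 can also be made without an interactive editor. The following is an added example, not part of the product documentation or tooling: the function names are hypothetical, and it assumes the key is stored as a plain key=value line (optionally with spaces around the separator) in web_security.properties.

```shell
#!/bin/sh
# Added example: enable second_auth_need_refresh_session in a properties file.
# Assumption: the key appears as "key=value" or "key = value"; commented lines are ignored.
KEY=second_auth_need_refresh_session

# Print the effective value of KEY (the last uncommented assignment wins).
get_refresh_session() {
    sed -n "s/^[[:space:]]*${KEY}[[:space:]]*[=:][[:space:]]*//p" "$1" \
        | tail -n 1 | tr -d '[:space:]'
}

# Set KEY to true in the file given as $1; returns 0 only if the result verifies.
enable_refresh_session() {
    conf=$1
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 1; }

    # Already enabled: leave the file untouched.
    if [ "$(get_refresh_session "$conf")" = "true" ]; then
        return 0
    fi

    # Keep a copy for rollback, preserving owner and mode where possible.
    cp -p "$conf" "$conf.bak" || return 1

    if grep -q "^[[:space:]]*${KEY}[[:space:]]*[=:]" "$conf"; then
        # Rewrite every existing assignment of the key. Writing back into the
        # original file keeps its permissions.
        sed "s/^[[:space:]]*${KEY}[[:space:]]*[=:].*/${KEY}=true/" \
            "$conf.bak" > "$conf" || return 1
    else
        # Key absent: append it, adding a newline first if the file lacks one.
        if [ -n "$(tail -c 1 "$conf")" ]; then
            echo >> "$conf" || return 1
        fi
        printf '%s=true\n' "$KEY" >> "$conf" || return 1
    fi

    # Verify the change before Tomcat is restarted.
    [ "$(get_refresh_session "$conf")" = "true" ]
}

# Usage (path from step 2):
# enable_refresh_session "${BIGDATA_HOME}/om-server/tomcat/webapps/web/WEB-INF/classes/config/web_security.properties"
```

The function replaces only the manual edit in step 2; the Tomcat restart in step 3 is still run separately.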