From: "Itamar Heim" <iheim(a)redhat.com&gt; To: "Vojtech Szocs" <vszocs(a)redhat.com&gt; Cc: "engine-devel" <engine-devel(a)ovirt.org&gt; Sent: Tuesday, October 22, 2013 8:18:56 AM Subject: Re: [Engine-devel] Question about Engine user session timeout On 10/21/2013 02:55 PM, Vojtech Szocs wrote: > Hi guys, > > I see two different config values for dealing with Engine user session > timeout. > > First, from packaging/etc/engine-config/engine-config.properties file: > - UserSessionTimeOutInterval.description=Session timeout interval in > minutes, after which it will be expired and clean. A negative value > indicates the session should never timeout. > - UserSessionTimeOutInvalidationInterval.description=Session timeout > invalidation interval in minutes. Specifies the interval in which the > invalidation check should occur. > > Then, in org.ovirt.engine.core.common.config.ConfigValues enum: > - UserSessionTimeOutInterval (default 30) > - UserSessionTimeOutInvalidationInterval (default 30) > > Looking at Backend#Initialize, both of these values are used when > scheduling "cleanExpiredUsersSessions" job: > - UserSessionTimeOutInterval = initialDelay param, i.e. the initial delay > before the first activation [SchedulerUtil#scheduleAFixedDelayJob] > - UserSessionTimeOutInvalidationInterval = taskDelay param, i.e. the delay > between jobs [SchedulerUtil#scheduleAFixedDelayJob] > > So if I read this correctly, if UserSessionTimeOutInterval=100 then > UserSessionTimeOutInvalidationInterval is relevant only after first 100min > of Engine uptime. > > Why do we have two different config values for Engine user session timeout? > i.e. why don't we use same value for both initialDelay & taskDelay param? > you may want to be more strict, and invalidate sessions after 30 minutes and check for that every minute?

From: "Itamar Heim" <iheim(a)redhat.com&gt; To: "Vojtech Szocs" <vszocs(a)redhat.com&gt; Cc: "engine-devel" <engine-devel(a)ovirt.org&gt; Sent: Tuesday, October 22, 2013 12:22:14 PM Subject: Re: [Engine-devel] Question about Engine user session timeout On 10/22/2013 10:12 AM, Vojtech Szocs wrote: > However, as we have two distinct values for Engine session timeout, I guess > my best shot is to do > "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" > and expose both via admin-only GetConfigurationValue query, but I'm not > sure this is the best approach.. shouldn't that be sum() rather than min?

From: "Juan Hernandez" <jhernand(a)redhat.com&gt; To: "Vojtech Szocs" <vszocs(a)redhat.com&gt;, "Itamar Heim" <iheim(a)redhat.com&gt; Cc: "engine-devel" <engine-devel(a)ovirt.org&gt; Sent: Wednesday, November 13, 2013 11:27:11 AM Subject: Re: [Engine-devel] Question about Engine user session timeout On 10/22/2013 01:44 PM, Vojtech Szocs wrote: > > ----- Original Message ----- >> From: "Itamar Heim" <iheim(a)redhat.com&gt; >> To: "Vojtech Szocs" <vszocs(a)redhat.com&gt; >> Cc: "engine-devel" <engine-devel(a)ovirt.org&gt; >> Sent: Tuesday, October 22, 2013 12:22:14 PM >> Subject: Re: [Engine-devel] Question about Engine user session timeout >> >> On 10/22/2013 10:12 AM, Vojtech Szocs wrote: >>> However, as we have two distinct values for Engine session timeout, I >>> guess >>> my best shot is to do >>> "min(UserSessionTimeOutInterval,UserSessionTimeOutInvalidationInterval)" >>> and expose both via admin-only GetConfigurationValue query, but I'm not >>> sure this is the best approach.. >> >> shouldn't that be sum() rather than min? > > IIUC, the first config value (UserSessionTimeOutInterval) represents the > delay between Engine startup and first "cleanExpiredUsersSessions" job > execution. The second config value > (UserSessionTimeOutInvalidationInterval) is the delay between subsequent > executions of this job. This is why I thought it should be min() out of > these two; user could open WebAdmin right after Engine startup or anytime > after that. > > Both config values have validValues=-1,1..100000 so -1 could disable first > (UserSessionTimeOutInterval) or subsequent > (UserSessionTimeOutInvalidationInterval) job execution. I'm still confused > why we have two values, though.. > >> I may be wrong, but I would bet that the reason for having two configuration options is that the method of the scheduler that we use requires those two parameters.

As far as I can tell the only real value of the first parameter (UserSessionTimeOutInterval) is to disable completely session cleanup if the value is negative, and that seems mostly useless, as doing so would generate a memory leak.

I would suggest to completely remove the first parameter. I will then be clear that for your purpose the only relevant one is the second.

-- Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta 3ºD, 28016 Madrid, Spain Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.