Sessions expiration is not dictated by the JSON, no. The expiration timestamp only dictates how long the JSON itself will be accepted. An unauthenticated user will not be able to authenticate with that same JSON after those 30 seconds.
- Mike On Sat, Jun 26, 2021, 16:54 Adrian Owen <[email protected]> wrote: > Hi Mike, > > > > I sent JSON sample. > > > > Session does not expire. > > > > It should timeout right after 30 secs? > > > > The session continues > > > > Thanks, Adrian > > > > > > *From:* Mike Jumper [mailto:[email protected]] > *Sent:* 26 June 2021 20:45 > *To:* [email protected] > *Subject:* Re: JSON Expiry > > > > On Sat, Jun 26, 2021, 07:09 Adrian Owen <[email protected]> wrote: > > Guacamole 1.2 JSON auth onto RDP Session > > > > I set expires to 1624716035000 (time of email) > > -10 seconds = 403 Unauthorised. Correct it’s in the past. > > +30 seconds = RDP OK > > > > But it does not expire. Any idea what’s wrong. > > > > What do you mean by "it does not expire"? The JSON should definitely cease > being accepted for auth after the timestamp is in the past. > > > > - Mike > > >
