Intro
So I’ll be honest this is not something I’ve ever set for a customer, maybe they set it themselves after I leave the engagement maybe not. However it’s a handy feature especially if you’re working on a lab or security is not you major worry. Or on the flip side maybe security is a major worry and you may want to reduce the Web UI timeout. The default timeout for a session connected to the web UI is 1800 seconds which is 30 minutes, to be honest this is more than a lot of products which is probably why I’ve never needed to adjust it up, however you may want to reduce it down for security.
Check the settings
To check the current settings type get service http
NSXTMan01> get service http
Thu Oct 20 2022 UTC 13:51:58.168
Service name: http
Service state: running
Logging level: info
Session timeout: 1800
Connection timeout: 30
Client API rate limit: 100 requests/sec
Client API concurrency limit: 40 connections
Global API concurrency limit: 199 connections
Redirect host: (not configured)
Basic authentication: enabled
Cookie-based authentication: enabledRemove session timeout (not secure)
To remove the session timeout which is not recommended for production cases this is mainly for lab use we type set service http session-timeout 0
We can then check the setting has taken buy again running get service http
If you run this straight after the previous command you will likely see Service state: stopped as the system will restart the service after the change so give it a few more seconds before running the get again.
NSXTMan01> set service http session-timeout 0NSXTMan01> get service http
Tue Jan 03 2023 UTC 11:45:28.982
Service name: http
Service state: running
Logging level: info
Session timeout: 0
Connection timeout: 30
Client API rate limit: 100 requests/sec
Client API concurrency limit: 40 connections
Global API concurrency limit: 199 connections
Redirect host: (not configured)
Basic authentication: enabled
Cookie-based authentication: enabledYou can manually restart the web UI service by running the command restart service ui-service I’m pretty sure this is not required to save these settings since in my lab the setting takes without this step however there is no harm in restarting the service just to be sure.
Reduce the default session timeout (secure)
To make the web UI more secure we can reduce the default timeout value from 1800 seconds so lets say we want to set it to 5 minutes we run the command set service http session-timeout 300 again we can check the setting with get service http
NSXTMan01> set service http session-timeout 300
NSXTMan01> get service http
Tue Jan 03 2023 UTC 11:53:11.962
Service name: http
Service state: running
Logging level: info
Session timeout: 300
Connection timeout: 30
Client API rate limit: 100 requests/sec
Client API concurrency limit: 40 connections
Global API concurrency limit: 199 connections
Redirect host: (not configured)
Basic authentication: enabled
Cookie-based authentication: enabled