Hello,
We have a requirement where we have 2 different session limits. One session limit is the one that ConfD already supports which is per context (SSH, netconf, GUI), but the other one I have not found any way of enabling it in ConfD. And that one is a session limit per user.
So to add an example:
You have 3 contexts, each context has a limit of 8 sessions.
One user can connect to all those contexts and create 24 simultaneous sessions.
We would like to prevent the user from doing that and limit him to 8 sessions no matter the context.
Since I haven’t found any way of doing that via ConfD settings in the documentation, I tried to make this verification in the authentication callback. But with this implementation, the behavior changed. Previously once a user exceeded the session limit, if the user had the correct rights, the user was offered to kill another session and log into the one the user just created. But now this gets treated as an authentication error and the user can not kill another session.
I found that ConfD throws an internal error CONFD_ERR_TOO_MANY_SESSIONS if you try to create too many sessions in the code. I am wondering if it is possible for me to somehow also return this error in the authentication callback and get the inbuilt ConfD behavior back.
We are using ConfD version 7.7.10.