Terminate CRD sessions after maximum session duration
Bug: b:402442753 Change-Id: I466db3c273fbbb0a2a6bfd954dfac8c52f0e5d80 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6346770 Reviewed-by: Joe Downing <joedow@chromium.org> Commit-Queue: Ashutosh Singhal <macinashutosh@google.com> Cr-Commit-Position: refs/heads/main@{#1432091}
This commit is contained in:
Ashutosh Singhal
committed by
Chromium LUCI CQ
Chromium LUCI CQ
parent
481341a263
commit
1b8410211c
remoting/host
@ -1019,6 +1019,15 @@ TEST_F(It2MeHostTest, TerminateUponInputDefaultsToFalse) {
|
||||
EXPECT_FALSE(GetHost()->desktop_environment_options().terminate_upon_input());
|
||||
}
|
||||
|
||||
TEST_F(It2MeHostTest, ConnectRespectsMaximumSessionDurationParameter) {
|
||||
ChromeOsEnterpriseParams params;
|
||||
params.maximum_session_duration = base::Hours(8);
|
||||
StartHost(std::move(params));
|
||||
|
||||
EXPECT_EQ(GetHost()->desktop_environment_options().maximum_session_duration(),
|
||||
base::Hours(8));
|
||||
}
|
||||
|
||||
TEST_F(It2MeHostTest, ConnectRespectsEnableCurtainingParameter) {
|
||||
ChromeOsEnterpriseParams params;
|
||||
params.curtain_local_user_session = true;
|
||||
|
||||
@ -11,12 +11,14 @@
|
||||
#include "base/check.h"
|
||||
#include "base/functional/bind.h"
|
||||
#include "base/json/values_util.h"
|
||||
#include "base/location.h"
|
||||
#include "base/memory/ptr_util.h"
|
||||
#include "base/memory/scoped_refptr.h"
|
||||
#include "base/memory/weak_ptr.h"
|
||||
#include "base/task/single_thread_task_runner.h"
|
||||
#include "base/time/time.h"
|
||||
#include "build/build_config.h"
|
||||
#include "remoting/base/errors.h"
|
||||
#include "remoting/host/base/desktop_environment_options.h"
|
||||
#include "remoting/host/basic_desktop_environment.h"
|
||||
#include "remoting/host/client_session_control.h"
|
||||
@ -64,8 +66,6 @@ It2MeDesktopEnvironment::It2MeDesktopEnvironment(
|
||||
|
||||
bool enable_user_interface = options.enable_user_interface();
|
||||
bool enable_notifications = options.enable_notifications();
|
||||
bool should_limit_session_length =
|
||||
!options.maximum_session_duration().is_zero();
|
||||
// The host UI should be created on the UI thread.
|
||||
#if BUILDFLAG(IS_APPLE)
|
||||
// Don't try to display any UI on top of the system's login screen as this
|
||||
@ -78,13 +78,20 @@ It2MeDesktopEnvironment::It2MeDesktopEnvironment(
|
||||
enable_user_interface = getuid() != 0;
|
||||
#endif // BUILDFLAG(IS_APPLE)
|
||||
|
||||
// Create the continue window. The implication of this window is that the
|
||||
// session length will be limited. If the user interface is disabled,
|
||||
// then sessions will not have a maximum length enforced by the continue
|
||||
// window timer.
|
||||
if (should_limit_session_length) {
|
||||
// TODO(b:402442753): Terminate session after maximum session duration.
|
||||
// Enforce the maximum session length defined in the session options. If a
|
||||
// specific session duration limit is configured, the ContinueWindow mechanism
|
||||
// should not require re-authentication for the ongoing session.
|
||||
if (!options.maximum_session_duration().is_zero()) {
|
||||
ui_task_runner->PostDelayedTask(
|
||||
FROM_HERE,
|
||||
base::BindOnce(&ClientSessionControl::DisconnectSession,
|
||||
client_session_control, ErrorCode::MAX_SESSION_LENGTH),
|
||||
options.maximum_session_duration());
|
||||
} else if (enable_user_interface) {
|
||||
// Create the continue window. The implication of this window is that the
|
||||
// session length will be limited. If the user interface is disabled,
|
||||
// then sessions will not have a maximum length enforced by the continue
|
||||
// window timer.
|
||||
continue_window_ = HostWindow::CreateContinueWindow();
|
||||
continue_window_ = std::make_unique<HostWindowProxy>(
|
||||
caller_task_runner, ui_task_runner, std::move(continue_window_));
|
||||
|
||||
Reference in New Issue
Block a user