Sessions

From ISPWiki

The "XXXmanager" (i.e. a software product, such as ISPmanager) session is a unique number that is used for request authorization. Each session is associated with a certain user and IP-address. The sessions are kept during one hour after the last request was sent (about 60-64 minutes) and then are removed.

They are located in the var/.<manager>.ses, file, where <manager> is a software name (the name of the binary file from the bin/ directory).

.<manager>.ses file structure

const int MaxUserLength = 64;                  ///< maximum username length 
const int MaxFuncLength = 32;                  ///< maximum function name length
const int MaxSuDeep = 3;                       ///< maximum depth 
 
struct AuthSes {
        int auth;                              ///< session number 
        char method[4];                        ///< authorization method 
        char ip[40];                           ///< IP-address that will receive requests for this session 
        char user[MaxUserLength];              ///< current username 
#ifdef Windows
        char pass[MaxUserLength];              ///< user password
#endif
        SesLevel level;                        ///< access level
        time_t atime;                          ///< time when the last request was sent 
        char suser[MaxUserLength*MaxSuDeep];   ///< previous usernames 
        char sfunc[MaxFuncLength*MaxSuDeep];   ///< functions that were used for transitions 
#ifdef ISPMGR
        bool allowrestart;                     ///< this user is allowed to use the restart function to restart Apache 
#ifndef Windows
        uid_t uid;                             ///< current user Uid 
        gid_t gid;                             ///< current user Gid 
#endif
#endif
#ifdef BILLMGR
        int account;                           ///<
#endif
        int p_cnt;                             ///< number of records per page
} __attribute__((__packed__));