Session Management provides increased security when users are logging in to the LoadMaster WUI. WUI Session Management can be enabled/disabled and configured in the following screen: Certificates & Security > Admin WUI Access > WUI Session Management.

Session management is enabled by default on all LoadMasters initially deployed with firmware version 7.1.35 or above.

Note: If you perform a factory reset of the LoadMaster, you must enable the Enable Session Management check box and disable the Require Basic Authentication check box to successfully run APIv2 (JSON-format) requests.

The level of user permissions determines which WUI Session Management fields can be seen and modified. Refer to the table below for a breakdown of permissions.

| Control | Bal user | User with ‘All Permissions’ | User with ‘User Administration’ permissions | All other users |
|---|---|---|---|---|
| Session Management | Modify | View | View | None |
| Require Basic Authentication | Modify | View | View | None |
| Basic Authentication Password | Modify | View | View | None |
| Failed Login Attempts | Modify | Modify | View | None |
| Idle Session Timeout | Modify | Modify | View | None |
| Limit Concurrent Logins | Modify | Modify | View | |
| Pre-Auth Click Through Banner | Modify | Modify | View | None |
| Currently Active Users | Modify | Modify | View | None |
| Currently Blocked Users | Modify | Modify | View | None |

When using WUI Session Management, it is possible to use one or two steps of authentication.

In addition to the bal user, another user exists by default in the LoadMaster called user. The user user exists so that administrators can give its credentials to people instead of providing the bal credentials. The password for the user user can be set by configuring the Basic Authentication Password text box. The password needs to be at least 8 characters long and should be a mix of alpha and numeric characters. If the password is considered to be too weak, a message appears asking you to enter a new password. Only the bal user is permitted to set the Basic Authentication Password.

If the Enable Session Management check box is ticked and Require Basic Authentication is disabled, the user only needs to log in using their local username and password (or using a client certificate, if client certificate WUI authentication is enabled – refer to the Client Certificate WUI/API Authentication section for further information). Users are not prompted to log in using the bal or user logins.

If the Enable Session Management and Require Basic Authentication check boxes are both selected, there are two levels of authentication enforced in order to access the LoadMaster WUI. The initial level is Basic Authentication where users log in using the bal or user logins, which are default usernames defined by the system.

Once logged in using Basic Authentication, the user then must log in using their local username and password (or using a client certificate – if client certificate authentication is enabled) to begin the session.

Note: LDAP users need to log in using the full domain name. For example, an LDAP username should be test@progress.com and not just test.

After a user has logged in, they may log out by clicking the Logout button in the top right-hand corner of the screen.