session_end
The `session_end` directive defines the expiration time for a secure token used in CDN requests.
Description
The session_end directive is a configuration option within the Secure Token module for NGINX, specifically designed for setting the end time of a secure token session. This directive allows administrators to specify when a generated token will expire, which helps to enhance security by controlling the validity period of access to CDN resources. When properly configured, it grants users access for a limited time window, after which the token becomes invalid and access is restricted.
The session_end directive takes a single argument which can represent an absolute time or a relative time duration. This flexibility allows for easier integration into various configurations, depending on the use case. When specified as an absolute time, it is expected to be in seconds since the epoch. Conversely, if specified as a relative duration, it is added to the current server time. This behavior ensures that tokens generated for secure CDN access comply with predefined security standards, helping to mitigate the risks associated with token sharing or unauthorized access.
Additionally, the session_end directive works alongside other related directives like session_start to define the complete lifecycle of a secure token. With a logical pairing of start and end times, administrators can fine-tune session management effectively, ensuring that tokens are generated only for legitimate use periods and that expired tokens are properly discarded after their end time has been reached.
Config Example
secure_token_akamai {
key 0123456789abcdef;
acl /path/to/access.list;
session_start 3600;
session_end 7200;
}Ensure that the time specified is valid and reflects the intended token duration.
Mixing absolute and relative time formats can lead to unexpected token expiry behavior.
If not properly configured with session_start, the session_end may generate tokens that are immediately expired.