Answer the question
In order to leave comments, you need to log in
What does the server think if the client changes IP during an active session?
I would like to know from those who know how, from the point of view of the server (Linux), it looks like changing the IP address of the client during an active session?
I want to know what will be in the logs and what will be the behavior of the server in this case. For example, I logged into the Toaster, I'm sitting and typing this message now, and at that moment my IP address changes. Will the server even know about it BEFORE reloading the page? Thank you.
Answer the question
In order to leave comments, you need to log in
everything will be in the logs as usual, only the address is new.
the server will behave as usual: it will process the request.
naturally, the server will not know about it in any way until a new request.
how the application behaves depends on the application itself: some are purple / others log out / etc.
Usually, a session is not tied to an IP address, but if increased security is needed, you can bind an IP address to a session and log out the user if the current session suddenly changes IP.
But if they do this, they usually re-login in a transparent mode imperceptibly for the user: a new session is created based on the old token and a new one is generated (issued) for the new session (and attached to it), otherwise the user needs to go through authorization again in manual mode.
This can be useful in order to not be able to use intercepted session data (for example, login with the same token) from a different IP address.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question