ConnectWindow is a position-independent directive that interacts with the /connect endpoint that links a remote user to their session after authentication. By default, the /connect window is open for 60 seconds after a user authenticates. Entering the ConnectWindow directive with a smaller numeric value in config.txt will cause EZproxy to close the /connect window more quickly and make it more difficult for an unauthorized user to access the session.
This directive is compatible with EZproxy 6.1 and later.
The complete syntax is:
ConnectWindow seconds
| Qualifier | Description |
|---|---|
| seconds | Specifies the number of seconds that the /connect window should remain open |
The following example would specify that the /connect window remain open for 5 seconds:
ConnectWindow 5
This window should never be made smaller than the amount of time it might take a user to get from the redirect that occurs upon submitting valid credentials to the time the /connect request is sent by the browser and received by EZproxy. If you wish to reduce the time the connect window remains open, begin by entering a value smaller than 60, but larger than the time you think it will take to connect.
After entering this directive, you can enter:
Audit Most
in config.txt and monitor your /audit page for Session.ReconnectBlocked events. These may signal that an unauthorized user is attempting to connect to an authenticated user's session using the /connect request, and you may want to investigate the IP address from which that user is attempting to authenticate.