NerdCat
14-04-2011, 03:21 PM
Ive got my TiVo series 1 (Australia) set up with TivoWeb userneame password protection using a port forward through my router. The TivoWeb config is set up with LAN access not password protected.
This all works as expected and Im not prompted internally, but I am externally.
Howver, the session never seems to time out. That is I can connect from my PDA or work PC, for example, and Im prompted for credentials as expected. But from that point on Ime never prompted again. This is true even if I leave the devices overnight, and even in the case of my PDA if its dicsonnected from the internet for seveal hours.
If I restart TivoWeb it makes no difference. But if I restart TiVoWeb after first changing the configured password, it re-prompts. So the authentication is obviously working. And something is obviously storing the credentials.
However its not browser-specific. If I clear the browser cache (firefox) and cookies, no difference. Same on my PDA (Android).
So Im wondering if Tivoweb somehow recognises requestors are lets them in.
Does anyone know how or if the session timeout for tivoweb works, and when I might expect to be re-prompted for credentials ? Obviously Id like a timeout for when I access remotely from an untrusted or public PC.
This all works as expected and Im not prompted internally, but I am externally.
Howver, the session never seems to time out. That is I can connect from my PDA or work PC, for example, and Im prompted for credentials as expected. But from that point on Ime never prompted again. This is true even if I leave the devices overnight, and even in the case of my PDA if its dicsonnected from the internet for seveal hours.
If I restart TivoWeb it makes no difference. But if I restart TiVoWeb after first changing the configured password, it re-prompts. So the authentication is obviously working. And something is obviously storing the credentials.
However its not browser-specific. If I clear the browser cache (firefox) and cookies, no difference. Same on my PDA (Android).
So Im wondering if Tivoweb somehow recognises requestors are lets them in.
Does anyone know how or if the session timeout for tivoweb works, and when I might expect to be re-prompted for credentials ? Obviously Id like a timeout for when I access remotely from an untrusted or public PC.