Amount of time before the session of an authenticated user is terminated and re-authentication is necessary. Changes will affect newly-created sessions only.

Toggles the termination of sessions at midnight, forcing all authenticated users to re-authenticate after midnight.

Toggle the authentication of clients on the basis of their X.509 certificate. When the client X.509 Common Name (CN) equals one of the ntopng users, then the client is authenticated as the ntopng user. Changes to this setting requires a ntopng restart.

Toggle GUI authentication via RADIUS server.

Host and port of the RADIUS server (e.g. 127.0.0.1:1812).

The secret shared with the RADIUS server.

The authentication protocol used by the radius server.

Toggle authentication of local users via RADIUS (remote authentication, local authorization).

GUI users are authenticated as Administrator when the value for the Filter-Id RADIUS attribute matches the one specified in this field. Unprivileged otherwise.

GUI users which are Non-Administrator can have additional capabilities (e.g. pcap download and historical flow access) when the value for the Filter-Id RADIUS attribute matches the one specified in this field. In case of no match, limited capabilites are set for unprivileged users.

Toggle traffic accounting via RADIUS server.

Host and port of the RADIUS accounting server (e.g. 127.0.0.1:1813).

Toggle GUI authentication via an HTTP authenticator.

The URL of the HTTP server to use to authenticate users.

The URL of the HTTP server to use to authenticate users.

Toggle GUI authentication according to ntopng defined users.

The authentication methods check order is the same as the listing order above, e.g. if both LDAP and local auth are enabled, LDAP will be checked first and, if authentication fails, local auth will be checked next.