LOGIN-EXPIRATION-TIMESTAMP attribute

The time stamp specifying when the client-principal object will expire. If the client-principal object expires before you can seal or validate it, and you attempt to use it, the AVM sets the LOGIN-STATE attribute to "EXPIRED" and you can no longer validate or use the client-principal object.

Note: If you set the attribute to the Unknown value (?), the client-principal is reset to have no expiration.

Data type: DATETIME-TZ

Access: Readable/Writeable

Applies to: Client-principal object handle

You can set this attribute to any DATETIME-TZ value, with the following limitations. The value of this attribute:

Is truncated to the second
Can have no greater precision than seconds
Can have a minimum value of 1/1/1970 00:00:01.000-00:00
On 32-bit platforms, can have the following maximum value: 1/19/2038 00:00:00.000-00:00
On 64-bit platforms, has no meaningful maximum value

Any attempt to set a value that does not conform to these limitations returns a message in the ERROR-STATUS system handle and leaves the previous value unchanged.

If not set or reset to the Unknown value (?), the AVM will never place the client-principal object in an EXPIRED login state. In either case, reading the attribute returns the Unknown value (?).

Note: The AVM recognizes that a client-principal object has expired only when it tries to use it with the SEAL( ) method, SECURITY-POLICY:SET-CLIENT( ) method, SET-DB-CLIENT function, IMPORT-PRINCIPAL( ) method, or VALIDATE-SEAL( ) method.

Once the client-principal object is sealed, this attribute is read-only.

LOGIN-EXPIRATION-TIMESTAMP attribute

See also