Difference between revisions of "Session Management"

About Session Management

A session is defined as one browser on one device, where a user accesses the platform. The browser can have multiple windows open, but it still counts as one session. When Session Management is activated, users subject to session limits must log off existing sessions to start a new one when the limit is reached. Administrators can turn the feature on or off, set the maximum number of sessions per user, and view in-progress user sessions. To log in after reaching the session limit, old sessions can be automatically or selectively closed by the user or an admin.

Considerations:

• Session limits do not apply to admins with User Management permission.
• Multiple windows in a single browser constitute one session, not multiple sessions.

Exception:

If a new browser window is created by clicking the browser icon, it is a separate session.

However, if the new window is created from within the browser (for example, by pressing Ctrl+N), then the new window is part of the same session.

• When a window is started in a browser's "incognito" mode, it is considered a new session. (Note: If a second window is created in that mode, it is part of the same "incognito" session.)
• If the maximum number of sessions is reduced, then upon the next login, a user who reaches the new limit will be required to terminate multiple sessions, or have them terminated automatically, depending on the account configuration.

Working with Sessions

When the Session Limits option is enabled, you can specify the maximum number of concurrent sessions a user is allowed to have open at one time.

The Session Limits option is enabled by your Service Provider. The default single sign-on setting on on-premises installation is Off. The default single sign-on setting on the cloud is On. (Contact Support to make changes.)

Configuring Artemis

Pre-requisites
Ensure that Java 11 or a higher version is installed.

Linux

If you are a Linux user, follow the steps below:
1. Create a folder with the command in the terminal.

$ mkdir /opt/artemis 

2. Go to the folder /opt/artemis using the command:

$ cd /opt/artemis

3. Download the Artemis tar file with the following command.

$ wget https://archive.apache.org/dist/activemq/activemq-artemis/2.31.1/apache-artemis-2.31.1-bin.tar.gz

4. Extract the Artemis tar file with the following command:

$ tar -xzf apache-artemis-2.31.1-bin.tar.gz

5. After extracting the tar file, a folder named apache-artemis-2.31.1 will be created.

6. Navigate to the folder apache-artemis-2.31.1 using the command:

$ cd apache-artemis-2.31.1/

7. Create an Artemis Broker Instance using the command:

$ /opt/artemis/apache-artemis-2.31.1/bin/artemis create test-broker

Sample output:

 Creating ActiveMQ Artemis instance at: /opt/artemis/apache-artemis-2.31.1/test-broker

--user:
What is the default username?
agileapps

--password: is mandatory with this configuration:
What is the default password?

--allow-anonymous | --require-login:
Allow anonymous access?, valid values are Y, N, True, False
Y 

Auto tuning journal ...
done! Your system can make 50 writes per millisecond, your journal-buffer-timeout will be 20000

You can now start the broker by executing:

   "/opt/artemis/apache-artemis-2.31.1/test-broker/bin/artemis" run

Or you can run the broker in the background using:

   "/opt/artemis/apache-artemis-2.31.1/test-broker/bin/artemis-service" start

Enter the desired username and password under the respective commands. Ensure that you provide the value as Y for Allow anonymous access.

8. To make the Artemis admin console remotely accessible, you have to edit the bootstrap.xml and jolokia-access.xml under /var/lib/test-broker/etc/ directory. Update the following command changes.

$ vi test-broker/etc/bootstrap.xml
Existing command:       <code><binding name="artemis" uri="http://localhost:8161"></code>
To be changed as:       <code><binding name="artemis" uri="http://0.0.0.0:8161"></code>

$ vi test-broker/etc/jolokia-access.xml
Existing command:        <code><allow-origin>*://localhost*</allow-origin></code>
To be changed as:        <code><allow-origin>*</allow-origin></code>

9. Create a SystemD service file for Artemis using the command in the /etc/systemd/system directory.

$ vi /etc/systemd/system/artemis.service

Add the following to artemis.service file:

[Unit]
Description=Apache ActiveMQ Artemis
After=network.target
[Service]
Type=forking

ExecStart=/opt/artemis/apache-artemis-2.31.1/test-broker/bin/artemis-service start
ExecStop=/opt/artemis/apache-artemis-2.31.1/test-broker/bin/artemis-service stop

RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.target 

10. Restart the systemctl daemon with the following command.

$ systemctl daemon-reload

11. Start the Artemis service with the following command.

$ systemctl start artemis

12. To check the Artemis through the ports, get the PID (Process ID) from systemctl status artemis and run the following command.

$ ss -tnlp | grep <ARTEMIS_PID>

Configuring session management

1. Log in to your LongJump account.
2. Navigate to Settings > Service Provider Settings > Service Configuration.
3. Click the Edit button at the top.
4. Under HornetQ configuration, update the following fields:
   • HornetQ Host: Enter the value as localhost or 127.0.0.1.
   • HornetQ Port: Enter the value as 61616.
   • HornetQ User: Enter your Artemis username.
   • HornetQ Password: Enter your Artemis password.
   • HornetQ QoS: Enter the value as 2.
5. Restart the LongJump application.
6. Navigate to Tenant Management System > Tenants.
7. Select the desired tenant.
8. Click Quick Links > Manage Tenant Capabilities.
9. Click the Edit button at the bottom.
10. Under Capabilities, check the Session Limits checkbox.
11. Click the Save button at the bottom.
    

The session management is configured for your tenant. You can now enable this in AgileApps.

Note: The workflow for session management differs between the old and new UI.

Enabling session management in new UI

1. Go to Configuration () > Account Management > Company Information.
2. Click the Edit button.
3. In the Session Management section, check the Enable Session Limit checkbox. The Session Management settings appear.
4. Update the session management settings:
   • Maximum # of concurrent sessions per user - The maximum number of concurrent sessions a user is allowed.
   • When limit is exceeded - What to do when a user reaches the session limit and attempts to log in again:
     • Automatically close oldest session - The oldest open session(s) are automatically closed. This is the default option.
     • Let user choose which session to close - A dialog appears, allowing the user to select the sessions to close or cancel the login attempt.
5. Click the Save button.

Managing sessions in new UI

Management by users

1. From the dashboard, click the Profile image at the top right.
2. Select Edit profile > Session Management.
3. In the Session Management tab, you can find the list of your active sessions with the following details:
   • Last login: Date and time of the last login.
   • Login type: Type of login (Web/Mobile).
   • Session details: Browser and device information of the session.
   • IP address: IP address of the session.
4. Select the session(s) you wish to terminate.
5. Click Logout Session(s) button.

Note: If the admin has enabled the "Let user choose which session to close" option, a dialog appears when a regular user attempts to log in while at the session limit. The oldest session will be automatically terminated for the SSO users irrespective of this option.

Management by admins

1. From the dashboard, click the Profile image at the top right.
2. Select Edit profile > Session Management.
3. In the Session Management tab, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. To manage the session of the users, enter the user name in the "Search user name to search sessions" field.
5. Select the session(s) you wish to terminate.
6. Click Logout Session(s) button.

Note: The users with User Management permission have the capability to manage the user sessions.

Enabling session management in old UI

1. From the dashboard, click the Settings dropdown at the top right and select Administration.
2. Click 'Account Management > Company Information.
3. Click the Edit button at the top right.
4. In the Session Management section, check the Enable Session Limit checkbox. The Session Management settings appear.
5. Update the Session Management settings:
   • Maximum # of concurrent sessions per user - The maximum number of concurrent sessions a user is allowed.
   • When limit is exceeded - What to do when a user reaches the session limit and attempts to log in again:
     • Automatically close oldest session - The oldest open session(s) are automatically closed. This is the default option.
     • Let user choose which session to close - A dialog appears, allowing the user to select the sessions to close or cancel the login attempt.
6. Click the Save button.

Managing sessions in old UI

Management by users

1. From the dashboard, click the Personalize dropdown at the top and select Personal Settings.
2. Click Session Management.
3. In the Session Management page, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. Select the session(s) you wish to terminate.
5. Click Logout Session(s) button.

Note: If the admin has enabled the "Let user choose which session to close" option, a dialog appears when a regular user attempts to log in while at the session limit. The oldest session will be automatically terminated for the SSO users irrespective of this option.

Management by admins

1. From the dashboard, click the Personalize dropdown at the top and select Personal Settings.
2. Click Session Management.
3. In the Session Management page, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. To manage the session of the users, enter the user name in the "Search user" field or click the Search icon and select the desired user.
5. Select the session(s) you wish to terminate.
6. Click Logout Session(s) button.

Note: The users with User Management permission have the capability to manage the user sessions.