Session Management

About Session Management

A session is defined as one browser on one device, where a user accesses the platform. The browser can have multiple windows open, but it still counts as one session. When Session Management is activated, users subject to session limits must log off existing sessions to start a new one when the limit is reached. Administrators can turn the feature on or off, set the maximum number of sessions per user, and view in-progress user sessions. To log in after reaching the session limit, old sessions can be automatically or selectively closed by the user or an admin.

Considerations:

• Session limits do not apply to admins with User Management permission.
• Multiple windows in a single browser constitute one session, not multiple sessions.

Exception:

If a new browser window is created by clicking the browser icon, it is a separate session.

However, if the new window is created from within the browser (for example, by pressing Ctrl+N), then the new window is part of the same session.

• When a window is started in a browser's "incognito" mode, it is considered a new session. (Note: If a second window is created in that mode, it is part of the same "incognito" session.)
• If the maximum number of sessions is reduced, then upon the next login, a user who reaches the new limit will be required to terminate multiple sessions, or have them terminated automatically, depending on the account configuration.

Working with Sessions

When the Session Limits option is enabled, you can specify the maximum number of concurrent sessions a user is allowed to have open at one time.

The Session Limits option is enabled by your Service Provider. The default single sign-on setting on on-premises installation is Off. The default single sign-on setting on the cloud is On. (Contact Support to make changes.)

Configuring session management

1. Log in to your LongJump account.
2. Navigate to Settings > Service Provider Settings > Service Configuration.
3. Click the Edit button at the top.
4. Under HornetQ configuration, update the following fields:
   • HornetQ Host: Enter the value as localhost or 127.0.0.1.
   • HornetQ Port: Enter the value as 61616.
   • HornetQ User: Enter your Artemis username.
   • HornetQ Password: Enter your Artemis password.
   • HornetQ QoS: Enter the value as 2.
5. Restart the LongJump application.
6. Navigate to Tenant Management System > Tenants.
7. Select the desired tenant.
8. Click Quick Links > Manage Tenant Capabilities.
9. Click the Edit button at the bottom.
10. Under Capabilities, check the Session Limits checkbox.
11. Click the Save button at the bottom.
    

The session management is configured for your tenant. You can now enable this in AgileApps.

Note: The workflow for session management differs between the old and new UI.

Enabling session management in new UI

1. Go to Configuration () > Account Management > Company Information.
2. Click the Edit button.
3. In the Session Management section, check the Enable Session Limit checkbox. The Session Management settings appear.
4. Update the session management settings:
   • Maximum # of concurrent sessions per user - The maximum number of concurrent sessions a user is allowed.
   • When limit is exceeded - What to do when a user reaches the session limit and attempts to log in again:
     • Automatically close oldest session - The oldest open session(s) are automatically closed. This is the default option.
     • Let user choose which session to close - A dialog appears, allowing the user to select the sessions to close or cancel the login attempt.
5. Click the Save button.

Managing sessions in new UI

Management by users

1. From the dashboard, click the Profile image at the top right.
2. Select Edit profile > Session Management.
3. In the Session Management tab, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. Select the session(s) you wish to terminate.
5. Click Logout Session(s) button.

Note: If the admin has enabled the "Let user choose which session to close" option, a dialog appears when a regular user attempts to log in while at the session limit. The oldest session will be automatically terminated for the SSO users irrespective of this option.

Management by admins

1. From the dashboard, click the Profile image at the top right.
2. Select Edit profile > Session Management.
3. In the Session Management tab, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. To manage the session of the users, enter the user name in the "Search user name to search sessions" field.
5. Select the session(s) you wish to terminate.
6. Click Logout Session(s) button.

Note: The users with User Management permission have the capability to manage the user sessions.

Enabling session management in old UI

1. From the dashboard, click the Settings dropdown at the top right and select Administration.
2. Click 'Account Management > Company Information.
3. Click the Edit button at the top right.
4. In the Session Management section, check the Enable Session Limit checkbox. The Session Management settings appear.
5. Update the Session Management settings:
   • Maximum # of concurrent sessions per user - The maximum number of concurrent sessions a user is allowed.
   • When limit is exceeded - What to do when a user reaches the session limit and attempts to log in again:
     • Automatically close oldest session - The oldest open session(s) are automatically closed. This is the default option.
     • Let user choose which session to close - A dialog appears, allowing the user to select the sessions to close or cancel the login attempt.
6. Click the Save button.

Managing sessions in old UI

Management by users

1. From the dashboard, click the Personalize dropdown at the top and select Personal Settings.
2. Click Session Management.
3. In the Session Management page, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. Select the session(s) you wish to terminate.
5. Click Logout Session(s) button.

Note: If the admin has enabled the "Let user choose which session to close" option, a dialog appears when a regular user attempts to log in while at the session limit. The oldest session will be automatically terminated for the SSO users irrespective of this option.

Management by admins

1. From the dashboard, click the Personalize dropdown at the top and select Personal Settings.
2. Click Session Management.
3. In the Session Management page, you can find the list of your active sessions with details such as last login, login type, session details, and IP address.
4. To manage the session of the users, enter the user name in the "Search user" field or click the Search icon and select the desired user.
5. Select the session(s) you wish to terminate.
6. Click Logout Session(s) button.

Note: The users with User Management permission have the capability to manage the user sessions.