Session Management

Overview #

The Manage Sessions page provides a way to view and manage the list of active sessions. The overall concurrent usage is provided along with per-session information. This user interface includes the ability to terminate sessions.

To open the Manage Sessions user interface: #

System Menu > Manage > Sessions

Session Information #

The following details are provided for each active session:

Item
Description
User ID@DomainSuffix The identifier for the user of the session (including domain suffix associated with the Account Domain that this user is defined in).
IP The IP address used to access edgeSuite for the session.
Login Time The starting time of the active session.
Last Access Time The last time the session actively performed an action against the system.
Duration The duration of the session.

Click any of the column headers to re-sort the listing according to that field.

Actions #

The following buttons are available in Manage Sessions:

Action
Description

Terminates the selected session.
Refresh Updates the active sessions list to show any changes.
Select All Selects all active sessions
Deselect All Deselects all sessions.

Session Timeout #

The Default Session Timeout for the system can be configured by altering a file on the server:

[INSTALL_HOME]/conf/custom.properties
# Adding the following line will change the default timeout to 20 minutes.
server.session.timeout=20

The system default is 60 minutes. This value is read in during the server initialization and appears as a read-only property inside the provisioning user interface. See Configuring Preferences for more information.

Session timeout is further configurable per Domain at Provision Domains > Preferences > Session Timeout.  The options are the following:

  • Yes – Inherit from the default system value
  • No – Override and specify a new timeout value for that Domain (in minutes)
    • Note: a value of -1 will keep the session alive indefinitely

User activity in the client (mouse movement, clicks, etc.) will keep a session alive. As long as the user is not idle (inactive for 30+ seconds), the client will contact the server via the websocket connection. The server manually updates the lastAccessedTime of the HttpSession. On session timeout/termination, a user will be redirected to the login screen, which will have “/login?lost#/” in the URL.

Known issues with Session Timeouts #

  • Mouse movements and clicks inside of proxy widgets are not detected as user activity and will not prevent session timeouts. However, HTTP requests from the proxy Visualizations are detected and will extend the session.
  • Currently there is no limit on the number of concurrent sessions for an individual user, other than any restriction on global concurrent sessions that may be included in the system license.