For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!
Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.
Hi,
Has any one worked with OAM Access SDK to log users out. Has anyone tried to automate this? I have a requirement to clean out sessions without having to wait for them to timeout. we have OAM PS1.
thanks in advance.
If the application need to logout user, then it can invoke logoff method on the object of UserSession class. Please check the SDK API doc but you need to invoke this method based on some event.
https://docs.oracle.com/cd/E28280_01/dev.1111/e12491/as_api.htm#AIDEV119
Thanks,
Amey
Yes use the Usersession class as replied above. You will need to invoke logoff method to terminate the user session or log off the user.
public void logoff()
throws AccessException
Logs off the authenticated user and terminates the session.
Throws:
AccessException - If error occurs during operation
Hello,
Thanks for the response. I've seen this and working on this, i guess the question is can i use this UserSession.logoff() API to log all the users out, in a loop for example.
Best Regards.
to be specific.. the document shows the following. It appears that i can only logoff the current user in session. I may have 100 users logged into access manager at any given time. I don't have their passwords. Can I get all the users that are currently logged in? and use logoff API to log them out? What would be sequence of call there.
Hashtable creds = new Hashtable();
creds.put("userid", ms_login);
creds.put("password", ms_passwd);
UserSession session = new UserSession(rrq, creds);
if (session.getStatus() == UserSession.LOGGEDIN) {
if (session.isAuthorized(rrq)) {
System.out.println("User is logged in and authorized for the"
+"request at level " + session.getLevel());
} else {
System.out.println("User is logged in but NOT authorized");
}
//user can be loggedout by calling logoff method on the session object
Refer this LINK where it talks about retrieving session id. You can get session id from OAM database directly ( via sql statement, select * from oam_session). Actually this will give you all the current sessions in OAM (Yes this table only holds the current/ sessions of users logged in to/via OAM). The sessions information will provide you the unique session_id, userid of the user (and other info as well like time logged in etc). The code in the above LINK provides an example of iterator that goes over all the session ids to provide you the userid. You can use this info in your code and terminate that user session. Hope this helps, please mark as helpful or resolved. Thanks
Hello IdmSk,
I was able to retrieve sessions using oam_session table. However, UserSession object can only be constructed using SessionToken and not session_id. Is there a way to get SessionToken to all users that are logged into oam_session? what table has this information?
Once i get sessiontoken i can construct a UserSession and call logoff method on it.
thanks,
Prasad
Also when i tried to get session attributes I am getting the following error:
oracle.security.am.asdk.OperationNotPermittedException: OAMAGENT-02005: Operation not permitted on this server.
at oracle.security.am.asdk.UserSession.getSessionAttributes(UserSession.java:1454)
at oracle.security.am.asdk.UserSession.getSessionAttributes(UserSession.java:1330)
at OAMLogoutUsers.main(OAMLogoutUsers.java:50)
I checked Allow Management Operations and this error is gone, however now i am getting the following for terminateSession(ac, sessionid) call.
oracle.security.am.asdk.AccessException: OAMAGENT-02021: The Access Server has returned a fatal error with no detailed information.
at oracle.security.am.asdk.UserSession.terminateSession(UserSession.java:1151)
at OAMLogoutUsers.main(OAMLogoutUsers.java:52)
I was able to terminate the user session by using sessionID as is. I was parsing it till now.