OAM 11gR2PS2 User Session Management Questions

(Doc ID 1940557.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Goal

This document answers some questions regarding the session management in Oracle Access Manager (OAM) 11g R2PS2 (11.1.2.2).

1. When a user accesses a protected application page in a browser and logs in, a session gets created in OAM which can be seen in Session Management link of OAM Admin console.

When the user closes the browser and opens the same browser again and access the protected application, the user is prompted for login and after login, a new session is created which can be seen in OAM admin console.

There are then 2 sessions for the same user and out of those two, the first one is no longer used. Why cannot OAM utilize the same old session?


2. When an authenticated user leaves their browser idle for longer than the WebGate idle session timeout, the user is prompted to relogin in order to access protected application pages. Does this create 2 user sessions in OAM?


3. What is the way to cleanup the unusued OAM sessions for users who close their browser instead of clicking logout in the application? Is there any script that can be run to purge these sessions? Will sessions that have reached idle user timeout also be purged?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms