Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
This document answers some questions regarding the session management in Oracle Access Manager (OAM) 11g R2PS2 (220.127.116.11).
1. When a user accesses a protected application page in a browser and logs in, a session gets created in OAM which can be seen in Session Management link of OAM Admin console.
When the user closes the browser and opens the same browser again and access the protected application, the user is prompted for login and after login, a new session is created which can be seen in OAM admin console.
There are then 2 sessions for the same user and out of those two, the first one is no longer used. Why cannot OAM utilize the same old session?
2. When an authenticated user leaves their browser idle for longer than the WebGate idle session timeout, the user is prompted to relogin in order to access protected application pages. Does this create 2 user sessions in OAM?
3. What is the way to cleanup the unusued OAM sessions for users who close their browser instead of clicking logout in the application? Is there any script that can be run to purge these sessions? Will sessions that have reached idle user timeout also be purged?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms