Active Sessions Didn't Get Invalidate After User Reset or Change His Password (Doc ID 2730151.1)

Last updated on JANUARY 18, 2022

Applies to:

Oracle Banking Digital Experience - Version 20.1.0.0.0 and later
Information in this document applies to any platform.

Symptoms

ACTUAL BEHAVIOR
---------------
User can continue accessing application in different browsers and devices even after password is changed.

EXPECTED BEHAVIOR
-----------------------
User's active sessions must be made invalid after password change.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Login with any user in browser 1
2. Login with same user in another browser (browser 2)
3. Change the password (from logged in session of browser 1)
4. User can continue to perform transactions in browser 1
5. Go back to another browser , user can continue to perform transaction even after password change.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Active Sessions Didn't Get Invalidate After User Reset or Change His Password (Doc ID 2730151.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!