Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12436

The ../sessions?_action=validate endpoint always resets the session's idle time

    XMLWordPrintable

    Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1
    • 6.0.0
    • session
    • Rank:
      1|hzvadj:
    • No
    • No
    • Yes
    • Yes and I used the same an in the description

      Description

      In AM 5.x and above the ../sessions?_action=validate endpoint currently always resets the SSO token idle time. In a high load environment this means for every SSO session validate call a write is made to CTS and thus will incur a significant performance overhead. Previous versions of AM included the `../sessions?_action=isActive` action for this case, but this was not included in the refactor for AM 5.x.

      This ticket is to introduce a means for the caller to determine if the session is valid, without updating the last accessed timestamp (and therefore a possible write to the CTS). The proposed method of doing this is by adding a new parameter to the `validate` action to allow the caller to decide whether it should refresh the session or not.

      Example call:

      curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header "iplanetDirectoryPro:$sso_token"  'http://openam.test.com:8080/openam/json/realms/root/sessions?_action=validate'
      

      This should be updated to allow the following:

      curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header "iplanetDirectoryPro:$sso_token"  'http://openam.test.com:8080/openam/json/realms/root/sessions?_action=validate&refresh=false'
      

      The response from this would indicate that the session was valid without updating the idle time.

        Attachments

          Issue Links

            Activity

              People

              pilar.gomez Pilar Gomez [X] (Inactive)
              shokard Darinder Shokar
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: