  1. OpenAM
  2. OPENAM-12436

The ../sessions?_action=validate endpoint always resets the session's idle time

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1
    • Fix Version/s: 6.0.0
    • Component/s: session
    • Needs backport:
      No
    • Needs QA verification:
      No
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes and I used the same as in the description

      Description

      In AM 5.x and above, the `../sessions?_action=validate` endpoint currently always resets the SSO token idle time. In a high-load environment this means that for every SSO session validate call a write is made to CTS, and thus it will incur a significant performance overhead. Previous versions of AM included the `../sessions?_action=isActive` action for this case, but this was not included in the refactor for AM 5.x.

      This ticket is to introduce a means for the caller to determine if the session is valid, without updating the last accessed timestamp (and therefore a possible write to the CTS). The proposed method of doing this is by adding a new parameter to the `validate` action to allow the caller to decide whether it should refresh the session or not.

      Example call:

      curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header "iplanetDirectoryPro:$sso_token"  'http://openam.test.com:8080/openam/json/realms/root/sessions?_action=validate'
      

      This should be updated to allow the following:

      curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header "iplanetDirectoryPro:$sso_token"  'http://openam.test.com:8080/openam/json/realms/root/sessions?_action=validate&refresh=false'
      

      The response from this would indicate that the session was valid without updating the idle time.
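
An added illustration, not part of the original ticket and not OpenAM code: a toy in-memory model of the behaviour described above. It shows that polling with a refreshing `validate` costs one store write per call and keeps the idle timer from ever expiring, while `refresh=false` does neither. The class, the write counter and the timing values are assumptions made for the example.

```python
# Toy model (hypothetical, constructed for illustration): a session service
# whose validate() optionally refreshes the idle timer, as the ticket proposes.
from dataclasses import dataclass


@dataclass
class Session:
    last_access: int  # simulated clock, seconds
    max_idle: int     # idle timeout, seconds


class ToySessionService:
    """Stand-in for the session service plus its backing token store."""

    def __init__(self, max_idle):
        self.max_idle = max_idle
        self.sessions = {}
        self.store_writes = 0  # persisted idle-time updates (the CTS cost)

    def create(self, token, now):
        self.sessions[token] = Session(now, self.max_idle)

    def validate(self, token, now, refresh=True):
        """Return True if the session is still valid at time `now`."""
        s = self.sessions.get(token)
        if s is None or now - s.last_access > s.max_idle:
            self.sessions.pop(token, None)  # idle timeout reached
            return False
        if refresh:
            # Behaviour the ticket reports: every validate resets idle time,
            # which in turn means a write to the store.
            s.last_access = now
            self.store_writes += 1
        return True


def poll(refresh, interval=60, polls=40, max_idle=1800):
    """A monitoring client validates once per `interval` seconds; the user
    does nothing after login at t=0. Returns (results, store_writes)."""
    svc = ToySessionService(max_idle)
    svc.create("constructed-token", now=0)
    results = [svc.validate("constructed-token", now=i * interval, refresh=refresh)
               for i in range(1, polls + 1)]
    return results, svc.store_writes


if __name__ == "__main__":
    for mode in (True, False):
        results, writes = poll(refresh=mode)
        print(f"refresh={mode}: valid {sum(results)}/{len(results)}, writes={writes}")
```

With the default values, the refreshing poller keeps an otherwise idle session alive for the whole run, while the non-refreshing poller lets it expire at the 30-minute idle limit.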

              People

              • Assignee:
                pilar.gomez Pilar Gomez [X] (Inactive)
                Reporter:
                shokard Darinder Shokar