Skip to main content

We find that database sessions remain in inactive status for a period of time. Our users logon to IFS applications and we can see the new session. When the user, via the File->Exit menu option, logs off the application, the session remains. The attached example illustrates this. This Test User logged off over 5 hours ago but there are frequent calls to the database. Should these sessions be killed off automatically with the middleware server session and if so whats the best way to configure this?

Using the RMB option Kill Session from Solution Manager->Monitoring->Database Sessions successfully terminates the session.

It seems like the system hangs onto permissions. For example if we grant a permissions set to a user and they log on (with no inactive sessions existing) then the permissions are applied. if the user then logs off and we apply different permissions (at this point there will be an existing inactive session), then these new permissions are not applied. The new logon sessions has the old permissions. We have refreshed the security cache before the user logs back on. The only way we can get the user session to apply the latest permissions granted is to kill all inactive sessions.

 

Hi @Stephen Hall,

According to the screenshot you have attached, the category of the sessions are “Other session”. According to Foundation1 documentation, this type of sessions are not initiated by interactive clients such as IEE or Aurena, but from other tools such as SQLPlus. 

You can find the documentation here:

https://docs.ifs.com/techdocs/foundation1/040_administration/270_monitoring/040_database_sessions/default.htm

Have you checked whether the user is logged in from elsewhere using development tools or something similar?

Regarding the permissions issue, I think this is happening because of how the connection pools are designed in middleware to re-use connections and to use proxy authentication. Have you tried refreshing both Dictionary and Security caches after granting new permissions?

Hope this helps!

Thanks for your comments Charith. The users are only initiating sessions via IFS applications. This is done remotely using the Parallels client. I wonder if these “Other Sessions” could somehow be related to the Parallels client

The scenario is

  1. User logs on and picks up permissions from the database
  2. User logs off. Although we still see the database session in IFS Solution Manager
  3. We grant new permissions set and refresh the security and dictionary cache
  4. User logs back on but doesn’t pick up new permissions
  5. User logs off
  6. We Kill the Database Session for the user
  7. User logs back on and picks up the new permissions

These are two sessions related to connections where the user has since logged off using the File->Exit option withing the IFS application. Note that there is nearly 24 hours between Creation Time and Last Call

Regards Stephen

It's probably your Phoenix and Django apps that automatically re-connect if the session is killed. You could try to prevent login of that user using alter user .... with nologin then kill those sessions manually. As the user is no longer allowed to login, any attempt from those apps will fail –

Terms & ConditionsCookie settings