In that case, how does the user get hold of the SessionID to do the API call? Does s/he has to get it from the cookie? or is there another API that provides all the commonauthId values that were generated for all the browser sessions?
Thanks. On Tue, Sep 4, 2018 at 2:39 PM, Chuhaashanan Nagenthiran < chuhaasha...@wso2.com> wrote: > Hi Dulanja, > > Yes. SessionID is the same value in commonauth cookie. > > Regards, > > On Tue, Sep 4, 2018 at 12:48 PM, Dulanja Liyanage <dula...@wso2.com> > wrote: > >> Hi Chuhaashanan, >> >> How is this SessionID generated? Is it same as the value of commonauthId >> cookie? >> >> Thanks, >> Dulanja >> >> On Mon, Sep 3, 2018 at 6:16 PM, Chuhaashanan Nagenthiran < >> chuhaasha...@wso2.com> wrote: >> >>> +1 >>> >>> On Mon, Sep 3, 2018 at 5:42 PM, Ruwan Abeykoon <ruw...@wso2.com> wrote: >>> >>>> Hi Chuhaashanan, >>>> It would be much extensible if "Session" table has JSON structure or >>>> something along, having "Browser, OS, Location" etc. >>>> Reason is that, Browser info has lot of sub units (e.g. Engine, >>>> Version), OS (Type, Version, Distribution), Location(Country, City, >>>> Coordinates) >>>> Also we might need Device. >>>> >>>> Cheers, >>>> Ruwan >>>> >>>> >>>> On Wed, Aug 15, 2018 at 2:09 PM Chuhaashanan Nagenthiran < >>>> chuhaasha...@wso2.com> wrote: >>>> >>>>> Hi All, >>>>> >>>>> *Problem* >>>>> >>>>> A user may wants to view his recently or currently logged in session >>>>> details and terminate a currently logged in acc. But wso2 IS server does >>>>> not provide this function now. >>>>> >>>>> >>>>> *Solution* >>>>> >>>>> Develop an API to provide following functionalities. >>>>> >>>>> - Retrieve information of currently logged in and recently used >>>>> sessions since last password changes. >>>>> - Retrieve Time, location, OS and browser details of each session >>>>> Logged in and recently used. >>>>> - Terminate a particular logged in account. >>>>> >>>>> >>>>> *Retrieve session information* >>>>> >>>>> >>>>> >>>>> >>>>> * - User can view his currently logged in details and recently used >>>>> session information. In each session, information about last time used, >>>>> location, browser and OS details.- To view information, user has to >>>>> request >>>>> HTTP GET request with SessionID and can query by ServiceProvider detail >>>>> for >>>>> particular account. Then API will query alive UserID for given details and >>>>> produce required information for user.* >>>>> >>>>> >>>>> *Terminate a particular account* >>>>> >>>>> >>>>> >>>>> >>>>> - If a user or admin wants to logged out from a logged in account, >>>>> he can terminate particular account session. >>>>> - If Identity Provider/ Service Provider/ User Account is deleted >>>>> by admin, session will be automatically terminated by event listeners. >>>>> - *To terminate an account, user has to request HTTP POST request >>>>> with SessionID and can query by ServiceProvider detail for particular >>>>> account. Then API will query alive UserID for given details and >>>>> terminate >>>>> account.* >>>>> >>>>> >>>>> >>>>> *Database design* >>>>> >>>>> >>>>> - *UserID* which is mapped to* IDP, IDP UserID* and *Service >>>>> Provider* is used to identify unique account. >>>>> - Through *UserID*, information of particular account will be >>>>> provided. >>>>> - In *Session* table, details of *Browser, OS* and *Location* will >>>>> not be used in query. So we can store this information as JSON object. >>>>> >>>>> >>>>> Regards >>>>> >>>>> -- >>>>> Chuhaashanan >>>>> Intern - Software Engineering >>>>> >>>>> >>>>> >>>> >>>> -- >>>> >>>> *Ruwan Abeykoon* >>>> *Associate Director/Architect**,* >>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * >>>> *lean.enterprise.middleware.* >>>> >>>> >>> >>> >>> -- >>> Chuhaashanan >>> Intern - Software Engineering >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Thanks & Regards, >> Dulanja Liyanage >> Lead, Platform Security Team >> WSO2 Inc. >> > > > > -- > Chuhaashanan > Intern - Software Engineering > > -- Thanks & Regards, Dulanja Liyanage Lead, Platform Security Team WSO2 Inc.
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
