Here, SessionID is got from the cookie and user makes the API call by using the sessionID.
Thanks. On Tue, Sep 4, 2018 at 5:32 PM, Dulanja Liyanage <dula...@wso2.com> wrote: > In that case, how does the user get hold of the SessionID to do the API > call? Does s/he has to get it from the cookie? or is there another API that > provides all the commonauthId values that were generated for all the > browser sessions? > > Thanks. > > On Tue, Sep 4, 2018 at 2:39 PM, Chuhaashanan Nagenthiran < > chuhaasha...@wso2.com> wrote: > >> Hi Dulanja, >> >> Yes. SessionID is the same value in commonauth cookie. >> >> Regards, >> >> On Tue, Sep 4, 2018 at 12:48 PM, Dulanja Liyanage <dula...@wso2.com> >> wrote: >> >>> Hi Chuhaashanan, >>> >>> How is this SessionID generated? Is it same as the value of commonauthId >>> cookie? >>> >>> Thanks, >>> Dulanja >>> >>> On Mon, Sep 3, 2018 at 6:16 PM, Chuhaashanan Nagenthiran < >>> chuhaasha...@wso2.com> wrote: >>> >>>> +1 >>>> >>>> On Mon, Sep 3, 2018 at 5:42 PM, Ruwan Abeykoon <ruw...@wso2.com> wrote: >>>> >>>>> Hi Chuhaashanan, >>>>> It would be much extensible if "Session" table has JSON structure or >>>>> something along, having "Browser, OS, Location" etc. >>>>> Reason is that, Browser info has lot of sub units (e.g. Engine, >>>>> Version), OS (Type, Version, Distribution), Location(Country, City, >>>>> Coordinates) >>>>> Also we might need Device. >>>>> >>>>> Cheers, >>>>> Ruwan >>>>> >>>>> >>>>> On Wed, Aug 15, 2018 at 2:09 PM Chuhaashanan Nagenthiran < >>>>> chuhaasha...@wso2.com> wrote: >>>>> >>>>>> Hi All, >>>>>> >>>>>> *Problem* >>>>>> >>>>>> A user may wants to view his recently or currently logged in session >>>>>> details and terminate a currently logged in acc. But wso2 IS server does >>>>>> not provide this function now. >>>>>> >>>>>> >>>>>> *Solution* >>>>>> >>>>>> Develop an API to provide following functionalities. >>>>>> >>>>>> - Retrieve information of currently logged in and recently used >>>>>> sessions since last password changes. >>>>>> - Retrieve Time, location, OS and browser details of each session >>>>>> Logged in and recently used. >>>>>> - Terminate a particular logged in account. >>>>>> >>>>>> >>>>>> *Retrieve session information* >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> * - User can view his currently logged in details and recently used >>>>>> session information. In each session, information about last time used, >>>>>> location, browser and OS details.- To view information, user has to >>>>>> request >>>>>> HTTP GET request with SessionID and can query by ServiceProvider detail >>>>>> for >>>>>> particular account. Then API will query alive UserID for given details >>>>>> and >>>>>> produce required information for user.* >>>>>> >>>>>> >>>>>> *Terminate a particular account* >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> - If a user or admin wants to logged out from a logged in >>>>>> account, he can terminate particular account session. >>>>>> - If Identity Provider/ Service Provider/ User Account is deleted >>>>>> by admin, session will be automatically terminated by event listeners. >>>>>> - *To terminate an account, user has to request HTTP POST request >>>>>> with SessionID and can query by ServiceProvider detail for particular >>>>>> account. Then API will query alive UserID for given details and >>>>>> terminate >>>>>> account.* >>>>>> >>>>>> >>>>>> >>>>>> *Database design* >>>>>> >>>>>> >>>>>> - *UserID* which is mapped to* IDP, IDP UserID* and *Service >>>>>> Provider* is used to identify unique account. >>>>>> - Through *UserID*, information of particular account will be >>>>>> provided. >>>>>> - In *Session* table, details of *Browser, OS* and *Location* >>>>>> will not be used in query. So we can store this information as JSON >>>>>> object. >>>>>> >>>>>> >>>>>> Regards >>>>>> >>>>>> -- >>>>>> Chuhaashanan >>>>>> Intern - Software Engineering >>>>>> >>>>>> >>>>>> >>>>> >>>>> -- >>>>> >>>>> *Ruwan Abeykoon* >>>>> *Associate Director/Architect**,* >>>>> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * >>>>> *lean.enterprise.middleware.* >>>>> >>>>> >>>> >>>> >>>> -- >>>> Chuhaashanan >>>> Intern - Software Engineering >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> Dulanja Liyanage >>> Lead, Platform Security Team >>> WSO2 Inc. >>> >> >> >> >> -- >> Chuhaashanan >> Intern - Software Engineering >> >> > > > -- > Thanks & Regards, > Dulanja Liyanage > Lead, Platform Security Team > WSO2 Inc. > -- Chuhaashanan Intern - Software Engineering
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev