Force logout through a workflow

dominikw5224500

03-01-2019

Hi,

I'm working on a workflow which disables certain group of users. It's pretty simple and works almost as expected with one exception - I can't manage to force logout users who are currently log in to the console. I used this option in 'Access rights' in operators' section but can't enforce it via workflow. Do you have any thoughts how to perform such action?

Thanks,

Dominik

Accepted Solutions (1)

Accepted Solutions (1)

Jean-Serge_Biro

MVP

04-01-2019

Hi Dominik,

Sorry I don't know at all how to achieve the list of all active connection, most of all with ACS which is an On Cloud environment managed directly by Adobe.
The ACS REST API is limited to standard use cases.

As for KillSession that seems not supported by ACS nor ACC On Cloud but only ACC in On Premise mode, I wonder how Adobe would allow such list active session; in ACC there is not such function in JSAPI.


So for ACC On premise only it would need either a workflow activity "nlserver module" with command nlserver pdump -who" pr an Exec Command workflow activity in order to run the nlserver command or the JSAPI below:
execCommand

But nothing similar for ACS, unfortunately for your needs (even though I understand perfectly why Adobe can't allow this for mutualized Cloud hosting)

Regards
J-Serge

Answers (6)

Answers (6)

Jean-Serge_Biro

MVP

03-01-2019

Hi Dominik,

Please may you confirm that you are using ACS?

For ACC (v6/v7) with OnPremise hosting only, there is an API function of xtk:session:

KillSession

and this function is the one called in the postSave section of the xtk:operator form.

Unfortunately with ACS or ACC Cloud hosting, it seems that you are not allowed to manage the soap/http session by your own, for security reasons (that I can easily understand).

Regards
J-Serge

dominikw5224500

04-01-2019

@Asish,

by a mistake I created this topic is wrong section. I'm working with ACC, not the standard one.

Jean-Serge Biron​, it's fine - I was just curious if maybe there is such option. I have performed some tests and it seems that KillSession works also on ACC on Cloud but it needs around 5-10 minutes to end user's session.

One more time, many thanks for your support!

asish_kumarp599

04-01-2019

In ACS, my understanding is if you are able to revoke access rights, the user shouldn't be able to access it next time it reloads the page or access a new feature even if he/she is logged in to ACS instance in the browser before. I am not sure if a force log out is needed here as everyone access the ACS instance in web browser and they don't use client console like ACC. Am I missing something here?

dominikw5224500

04-01-2019

Jean-Serge,

One more question. I see that I can kill session for all users based on their login but do you know how to query application server for the list of all active connections?

Best regards,

Dominik

dominikw5224500

03-01-2019

Hi Jean-Serge,

My mistake, I'm using ACS. Sorry for confusion.

Nevertheless, thanks for pointing KillSession function out, it seems that's the solution I was looking for.

Best regards,

Dominik