I noticed when I was logged into the server as "admin" that I was showing up as logged in as myself. Could this be because I failed to log out of the web client? Is there a way to "kill" these orphan sessions? Are they anything to be concerned about?
Thanks,
Mike:o
Abandoned Sessions
Moderator: SourceGear
Re: Abandoned Sessions
Did you refresh the page? Try that first after a few minutes.
If the login stays, try logging into the web client again with that same login. Any problems there?
If the login stays, try logging into the web client again with that same login. Any problems there?
Beth Kieler
SourceGear Technical Support
SourceGear Technical Support
Re: Abandoned Sessions
Yes, refreshing the page doesn't change it. Neither does logging in and logging back out using that user ID.
I did a little more digging (being a bit of a geek at heart) and here's what I found:
1) I queried the sessions table in the database this morning before anyone had logged into the system and found 6 sessions listed there (2 were mine, 2 for another user, 1 for a 3rd user & 1 for "admin"). Last activity dates ranged from yesterday afternoon to 3 days ago.
2) I then logged into the web client and refreshed my query which resulted in a seventh record appearing (my 3rd). I had no problems logging in.
3) I then logged out of the web client and refreshed the query again which showed that the new record had been removed from the database.
4) Next I repeated step #2 with the same results (a 3rd session appeared in the list for me).
5) Finally I shut down the web client without logging out - the third session remained.
(UPDATE - when I connected to the web client again it recognized my session and bypassed the login screen. Presumably this is because I didn't close the browser, only the tab that had my Vault session in it. Logging out of the session then removed the record.)
My basic questions are:
1) Will these orphaned sessions continue to build up or is there a process that clears them after some period of time?
2) Is there any harm in leaving them (if there get to be a large number of them) aside from the fact that you can't really tell who's logged in and who isn't?
3) Is there any reason that I couldn't simply delete the records corresponding to these orphaned sessions from the database?
By the way, the Windows client doesn't exhibit this same behavior - it removes the session record when it's shut down...
(BTW, we are on version 4.1.3.18296 of Vault)
I did a little more digging (being a bit of a geek at heart) and here's what I found:
1) I queried the sessions table in the database this morning before anyone had logged into the system and found 6 sessions listed there (2 were mine, 2 for another user, 1 for a 3rd user & 1 for "admin"). Last activity dates ranged from yesterday afternoon to 3 days ago.
2) I then logged into the web client and refreshed my query which resulted in a seventh record appearing (my 3rd). I had no problems logging in.
3) I then logged out of the web client and refreshed the query again which showed that the new record had been removed from the database.
4) Next I repeated step #2 with the same results (a 3rd session appeared in the list for me).
5) Finally I shut down the web client without logging out - the third session remained.
(UPDATE - when I connected to the web client again it recognized my session and bypassed the login screen. Presumably this is because I didn't close the browser, only the tab that had my Vault session in it. Logging out of the session then removed the record.)
My basic questions are:
1) Will these orphaned sessions continue to build up or is there a process that clears them after some period of time?
2) Is there any harm in leaving them (if there get to be a large number of them) aside from the fact that you can't really tell who's logged in and who isn't?
3) Is there any reason that I couldn't simply delete the records corresponding to these orphaned sessions from the database?
By the way, the Windows client doesn't exhibit this same behavior - it removes the session record when it's shut down...
(BTW, we are on version 4.1.3.18296 of Vault)
Re: Abandoned Sessions
We remove old (older than 3 days) sessions on every login/logout request. If logouts are never happening then you might want to see exactly how many are collecting. They shouldn't hurt anything unless you are really ending up with a lot of them.
Beth Kieler
SourceGear Technical Support
SourceGear Technical Support