About ICX Session
Parameter
|
Default
|
Recommendation
|
ICX:Session Timeout
|
None
|
30 (minutes)
|
ICX: Limit Time
|
4 (hours)
|
4 (hours)
|
ICX: Limit Connect
|
1000
|
2000
|
ICX:Session
Timeout - This profile option determines the
length of time (in minutes) of inactivity in a user's form session before the
session is disabled. Note that disabled does not mean terminated or
killed. The user is provided the opportunity to re-authenticate and
re-enable their timed-out session. If the re-authentication is successful, the
disabled session is re-enabled and no work is lost. Otherwise, the session is
terminated without saving pending work. This functionality is available
via Patch 2012308 (included in 11.5.7, FND.E). Note: Setting the profile
value to greater than 30 minutes can drain the JVM resources and cause ‘out of
memory’ errors.
· ICX: Limit time - This profile option defines the maximum connection time
for a connection – regardless of user activity. If 'ICX:Session Timeout'
is set to NULL, then the session will last only as long as 'ICX: Limit Time',
regardless of user activity.
· ICX: Limit connect - This profile option defines the maximum number of
connection requests a user can make in a single session. Note that other EBS
internal checks will generate connection requests during a user session, so it
is not just user activity that can increment the count.
- Jserv(Java)TimeoutSettings
Parameter
|
Recommendation
|
disco4iviewer.properties:session.timeout
|
5400000
(milliseconds)
|
formservlet.ini:FORMS60_TIMEOUT
|
55 (minutes)
|
formservlet.properties:session.timeout
|
5400000
(milliseconds)
|
jserv.conf:ApJServVMTimeout
|
360 (seconds)
|
mobile.properties:session.timeout
|
5400000
(milliseconds)
|
zone.properties:session.timeout
|
5400000
(milliseconds)
|
zone.properties:servlet.framework.initArgs
|
5400000
(milliseconds)
|
These settings are located at:
../*ora/iAS/Apache/Jserv/etc
JServ Timeout is specified by the value of the
property session.timeout in the JServ configuration file zone.properties, and
represents the number of milliseconds to wait before ending an idle JServ
session (the default is 30 minutes). This timeout is used by products
based on Oracle Applications Framework (OAF).
1.
What happens when a user logs in to Ebiz ?
a.
EBS
server generates a new session, which is not yet stored in the database, and
b.
encrypted version of the session id is passed back to the
browser in a cookie with key-name JSESSIONID. HTTP response header looks
something like,
c.
Browser uses this JSESSIONID for all further
interactions with EBS server. You can easily see this, if you monitor HTTP
traffic between your machine and the EBS server.
d.
Browser sends a POST request to EBS server
along with cookie information which it got from the server in the first place.
First and foremost, an entry is created in FND_LOGINS table.
e.
select * from fnd_logins where user_id =( select user_id from fnd_user where user_name='SRIDHAR' ) order by
start_time desc;
f.
FND_LOGINS table has following important columns like LOGIN_ID,
START_TIME and END_TIME. LOGIN_ID is auto generated and unique. There could be many
LOGIN_IDs associated with a single USER_ID. Even if same user logs onto EBS
server from the same machine using two browser instances, two rows in
FND_LOGINS table would get generated, each with different LOGIN_ID.START_TIME
is the time when user logs in and END_TIME is updated only if user explicitly
logs out from the application.
g.
Next an entry is made into ICX_SESSIONS table. ICX_SESSIONS and
FND_LOGINS tables are are correlated by the column LOGIN_ID. ICX_SESSIONS has
session id whose encrypted version was sent out by EBS server in the first
place when user brings up EBS login page.
h.
select * from icx_sessions where user_id =( select user_id from fnd_user where user_name='SRIDHAR' ) ;
i.
When user logs out from the application, with
JSESSIONID passed as part of the cookie, EBS figures out from the corresponding
row in ICX_SESSIONS table, gets LOGIN_ID, gets corresponding entry from
FND_LOGINS table and updates END_TIME and which basically means session has
been terminated
j.
Before Logout
No comments:
Post a Comment