Global application logout on timer

Global application logout on timer

  

I have an application requirement for all users to be logged out at 6:30AM and 6:30PM.  We would like them logged out globally, but if we could be specific with only certain roles being logged out that would be ideal.  Could someone please provide direction as to how this could be achieved? Or answer the question "Could this be achieved?"

Our platform is on-premises, using windows authentication, and external db.

Thank you in advance!

Hi Jason, I don't know if it's already exists in platform.

However, if you have not more ideias, I suggest you look for about Session tables in Database Outsystems.

I did once an application that forced logoff for all users, and I used these tables for control, if you can do that you could create a timer to execute at  6:30AM and 6:30PM.

This Ideia not the best, but it work.

Paulo Ricardo Fagundes Júnior wrote:

Hi Jason, I don't know if it's already exists in platform.

However, if you have not more ideias, I suggest you look for about Session tables in Database Outsystems.

I did once an application that forced logoff for all users, and I used these tables for control, if you can do that you could create a timer to execute at  6:30AM and 6:30PM.

This Ideia not the best, but it work.

Hey Paulo, would you know which tables I would refer to, to achieve that functionality?  Unfortunately I'm not familiar with the schema of the outsystems session tables.


Jason Waltman wrote:

Paulo Ricardo Fagundes Júnior wrote:

Hi Jason, I don't know if it's already exists in platform.

However, if you have not more ideias, I suggest you look for about Session tables in Database Outsystems.

I did once an application that forced logoff for all users, and I used these tables for control, if you can do that you could create a timer to execute at  6:30AM and 6:30PM.

This Ideia not the best, but it work.

Hey Paulo, would you know which tables I would refer to, to achieve that functionality?  Unfortunately I'm not familiar with the schema of the outsystems session tables.


You can use my extension to execute this queries

https://www.outsystems.com/forge/component/1305/advancequery/


These tables are in session Database.


Delete session where SessionId :

"DELETE FROM ASPStateTempSessions WHERE SessionId='"+SessionId+"'"



Select users who are logged in:

" SELECT    DISTINCT
            TempSessions.SessionId, 
            TempSessions.Created, 
            TempSessions.Expires, 
            TempSessions.LockDate, 
            TempSessions.LockDateLocal, 
            TempSessions.LockCookie,
            TempSessions.Timeout,
            TempSessions.Locked,
            ExtVars.Cookie
FROM ASPStateTempSessions TempSessions
INNER JOIN ASPStateTempSessionsExtVars ExtVars ON ExtVars.SessionId = TempSessions.SessionId
Where ExtVars.UserId = "+UserId+""
Solution

Please up-vote the following idea:

https://www.outsystems.com/ideas/3580/allow-to-force-the-application-users-logout


If you like it ;)

Solution

Daniel Martins wrote:

Please up-vote the following idea:

https://www.outsystems.com/ideas/3580/allow-to-force-the-application-users-logout


If you like it ;)

Great idea!  i liked it 


That’s fairly easy to implement by using the OnBeginWebRequest event which gets called every time a page gets displayed. In here you can do a check for the time and issue the logout command which will force a logout, or if you don't want to clear their session but just stop them accessing the system do a redirect to a "Come back later" screen.. Then on the login page check the time to prevent the user from logging back in. If you don't want to have to do this on every espace you could clone the "user" user provider and add it in there which I think will then get called by every application automatically that uses that user provider. Creating a new user provider just for this is a bit of an overkill though.


Note that I don't think OnBeginWebRequest gets calls on REST endpoints and not certain about ajax calls