Limiting the number of concurrent user sessions

By default, users can have an unlimited number of concurrent sessions. For example, a user could open IBM® Software Hub in 3 different web browsers and have 3 concurrent sessions. You can optionally limit the number of concurrent sessions that a user can have.

Who needs to complete this task?

To complete this task, you must have one of the following roles on the Red Hat® OpenShift® Container Platform cluster:

  • Cluster administrator
  • Instance administrator

When do you need to complete this task?

Complete this task if you want to limit the number of concurrent sessions users can have.

Repeat as needed: If you have multiple instances of IBM Software Hub, repeat this task for each instance where you want to limit the number of concurrent sessions.

Before you begin

Best practice: You can run many of the commands in this task exactly as written if you set up environment variables for your installation. For instructions, see Setting up installation environment variables.

Ensure that you source the environment variables before you run the commands in this task.

About this task

By default, users can have an unlimited number of concurrent sessions. You can edit the IBM Software Hub product-configmap ConfigMap to limit the number of concurrent sessions.

A session is created each time the user logs in to IBM Software Hub. If the user does not log out of a session, they can end up with multiple, concurrent sessions. If you limit the number of concurrent sessions, a user's oldest session is automatically removed if the user reaches the limit. For example, if you set the limit at 3 sessions, and a user tries to open a fourth session, the user's oldest session is removed.

When a session is removed, the record for the session is removed from the user_sessions database table. Any attempts to use the JWT token associated with the session return an error:

  • If the user is in the web client, the user receives a 302 error.
  • If the user is making API calls, the user receives a 401 error.

Procedure

To limit the number of concurrent user sessions:

  1. Log in to Red Hat OpenShift Container Platform as a user with sufficient permissions to complete the task.
    ${OC_LOGIN}
  2. Set the SESSION_LIMIT environment variable to the maximum number of concurrent sessions that you want to allow:
    export SESSION_LIMIT=<number-of-sessions>
  3. Set the CONCURRENT_SESSIONS_PER_USER parameter in the product-configmap ConfigMap:
    oc patch configmap product-configmap \
    --namespace=${PROJECT_CPD_INST_OPERANDS} \
    --type=merge \
    --patch="{\"data\": {\"CONCURRENT_SESSIONS_PER_USER\": \"${SESSION_LIMIT}\"}}"
  4. Restart the usermgmt pods for the changes to take effect:
    oc delete pods \
    --namespace=${PROJECT_CPD_INST_OPERANDS} \
    -l component=usermgmt
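
The following wrapper for steps 3 and 4 is an added example, not part of the IBM procedure or product code. It rejects a SESSION_LIMIT value that is not a positive integer before anything is written, and reads the ConfigMap back before the pods are restarted. The function names are hypothetical, and the rule that a valid limit is a positive whole number is an assumption, because the page does not state the accepted range.

```bash
#!/usr/bin/env bash
# Added example, not IBM's code. Function names are hypothetical.
# Usage, after steps 1 and 2: apply_session_limit "${SESSION_LIMIT}"

# Assumption: a valid limit is a positive whole number without leading zeros.
# ConfigMap values are plain strings, so the patch itself accepts any text.
validate_session_limit() {
  case "$1" in
    ''|*[!0-9]*|0*) return 1 ;;  # empty, non-digit characters, zero or leading zero
  esac
  return 0
}

# Build the merge patch used in step 3. Callers validate the value first, so
# it cannot contain quotes that would change the JSON structure.
build_patch() {
  printf '{"data": {"CONCURRENT_SESSIONS_PER_USER": "%s"}}' "$1"
}

# Steps 3 and 4, with a read-back check in between.
apply_session_limit() {
  local limit="$1" current
  validate_session_limit "$limit" || {
    echo "Refusing to patch: SESSION_LIMIT='${limit}' is not a positive integer" >&2
    return 1
  }
  [ -n "${PROJECT_CPD_INST_OPERANDS:-}" ] || {
    echo "PROJECT_CPD_INST_OPERANDS is not set; source the environment variables" >&2
    return 1
  }
  oc patch configmap product-configmap \
    --namespace="${PROJECT_CPD_INST_OPERANDS}" \
    --type=merge \
    --patch="$(build_patch "$limit")" || return 1
  # Confirm the stored value before restarting the pods.
  current="$(oc get configmap product-configmap \
    --namespace="${PROJECT_CPD_INST_OPERANDS}" \
    -o jsonpath='{.data.CONCURRENT_SESSIONS_PER_USER}')" || return 1
  [ "$current" = "$limit" ] || {
    echo "Read-back mismatch: ConfigMap holds '${current}'" >&2
    return 1
  }
  oc delete pods --namespace="${PROJECT_CPD_INST_OPERANDS}" -l component=usermgmt
}
```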