Manage Logged in User Sessions

Owned by Megan Ellis
Aug 23, 2022
7 min read

Concurrent users are frevvo users that are logged in simultaneously. frevvo displays a max user limit has been reached message for tenants with limited concurrent users licenses when more than the allowed number of users attempt to log into frevvo.

What does the Superuser/tenant admin(s) do if users are reporting this error?

The Manage Sessions link on the Manage Tenant page opens the User Interface to view/manage the number of active users. The UI is available to:

  • The initial Tenant Admin user (set up when the tenant was created). The tenant admin login is the only user allowed to login when the maximum number of concurrent sessions has been reached. This login is not counted against the license. The tenant admin can view/manage active users only for their tenant.
  • Superuser admin - view/manage active users for all tenants by navigating to each tenant and clicking on the Manage Sessions link
  • Additional admin users - view/manage active users but this login will be counted against the license and listed in the Sessions Table. Additional admins will not be allowed to login once the max user count is reached.


On This Page:

View Active Users

The Manage Sessions Page displays the current number of sessions and the max session count based on your frevvo license.  A table displaying the current active user sessions provides the following information:

  • User Id
  • Last Access Time
  • Login Time
  • Does the user have the frevvo.Designer role? (Yes/No)
  • User's device - (Desktop/Tablet/Phone).

  • Session Timeout (min) - the session timeout in minutes set up for the tenant. 

The 30 minute Session Timeout setting shown in the images is the default value for frevvo running in an on-premise environment. The value for tenants in the frevvo Cloud will change based on operational needs.

The entries in the table are sorted by last access time in descending order. Columns in the Sessions Table that are sortable display the up and down arrow icon in the column header.  Clicking on the up section of the arrow icon in one column sorts all the columns in the table in the ascending direction. Clicking on the down section of the arrow icon in the column header in one column sorts all the columns in the table in the descending direction.

The table shows a maximum of 200 entries. Twenty-five sessions per page display but you can change that to 10, 50 or 100 by clicking the preferred option in the Show Entries dropdown.

Manage Active User Sessions

The tenant admin can take one of two actions to reduce the number of active users:

  • Send an email to a selected user requesting they log out
  • Kill a selected user session.

You can only select one user at a time.

When a session in the table is selected, the Kill Session and Request Log Out buttons are enabled.


Send Logout Request

Follow these steps to send a logout request to a user:

  1. Click the checkbox to select the user from the Sessions Table.
  2. Click the Send Logout Request button.
  3. Customizable Email Subject and Message fields display. Both fields are required.



  4. Click Send. An Email Has Been Sent message displays.



  5. The user will receive the Logout Request email.

  6. When the notified user logs out, the Sessions Table will reflect the change.

    • Click the Refresh button to manually update the Sessions table.
    • The Session Timeout that displays in the table reflects the value entered on in the Session Timeout field when Editing the tenant. If the field is left blank, the default value of 30 minutes displays.

  7. Cloud Server logs will show INFO level statements about the Log Out Request email.

    2019-02-23 14:46:20.088  INFO 7269a9c4-925f-49f2-bf12-3cfb2e7c79ae mycompany 19792 --- [pool-2-thread-3] com.frevvo.util.HttpClientHolder         [mycompany admin] [7269a9c4-925f-49f2-bf12-3cfb2e7c79ae 8536F313278E020685F2100435675A82] [admin _bDd4YX76EduXFsA4l9RQeQ _D7qUoMiyEei-8vQQDpbnhQ] : Rewrote internal url: frevvo://frevvo/web/tn/mycompany/session/314791E552A3E8543A29BD7F2E4066C0 to: http://localhost:8082/frevvo/web/tn/mycompany/session/314791E552A3E8543A29BD7F2E4066C0
2019-02-23 14:46:26.602  INFO 01f991f6-f5b4-40ee-9f47-f4f4a8b9a29d mycompany 19792 --- [http-nio-8082-exec-8] com.frevvo.service.MailService           [mycompany admin] [01f991f6-f5b4-40ee-9f47-f4f4a8b9a29d 8536F313278E020685F2100435675A82] [  ] : Email sent to xxxx.xxxxx.com, cc'ed to null bcc'ed to null: Please log out
2019-02-23 14:46:26.628  INFO 7269a9c4-925f-49f2-bf12-3cfb2e7c79ae mycompany 19792 --- [pool-2-thread-3] com.frevvo.forms.rule.RuleObserver       [mycompany admin] [7269a9c4-925f-49f2-bf12-3cfb2e7c79ae 8536F313278E020685F2100435675A82] [admin _bDd4YX76EduXFsA4l9RQeQ _D7qUoMiyEei-8vQQDpbnhQ] : ** Rule ended [Logout Request.Post to frevvo] (6549 ms)

Kill Session

Follow these steps to terminate a user session:

  1. Click the checkbox to select the user from the Sessions Table.
  2. Click the Kill Session button.
  3. Click Ok when prompted to confirm the action.



  4. The Session Has Been Killed message displays:



  5. The Sessions table automatically refreshes with the updated information.



     Click the Refresh button to manually update the Sessions table.
  6. Users performing a workflow Task from their Task List or designers developing forms/workflows when their session is killed, will see the error:



  7. , When the Continue button is clicked, they will immediately be presented with the login screen. Changes to the Task or form/workflow will not be saved. They will have to login again and establish a new session.



  8. The user will receive an email explaining that their session was terminated by the administrator



  9. Cloud Server logs will show INFO level statements reflecting who killed the session

    Log entry when tenant admin kills the session for user jessica
    2019-02-23 14:23:12.603  INFO 7a6dfa8e-4472-465e-a5f0-8bbd167de381 mycompany 10992 --- [http-nio-8082-exec-2] com.frevvo.users.UserQuota               [mycompany admin] [7a6dfa8e-4472-465e-a5f0-8bbd167de381 659202F79EFA145F02D5E10EB977410C] [  ] : Tenant (mycompany): logout: num users: 1. Server num users: 1
2019-02-23 14:23:20.116  INFO 7a6dfa8e-4472-465e-a5f0-8bbd167de381 mycompany 10992 --- [http-nio-8082-exec-2] com.frevvo.service.MailService           [mycompany admin] [7a6dfa8e-4472-465e-a5f0-8bbd167de381 659202F79EFA145F02D5E10EB977410C] [  ] : Email sent to xxxx.xxxxx.com, cc'ed to null bcc'ed to null: Session termination
2019-02-23 14:23:20.116  INFO 7a6dfa8e-4472-465e-a5f0-8bbd167de381 mycompany 10992 --- [http-nio-8082-exec-2] com.frevvo.forms.web.SessionResource     [mycompany admin] [7a6dfa8e-4472-465e-a5f0-8bbd167de381 659202F79EFA145F02D5E10EB977410C] [  ] : Session 85C80AC65C888C0AC85ADA731D5090D2 terminated by administrator

Additional Admin Users

Users added to the tenant as additional administrators will be able to - view/manage active users but their login will be counted against the license and listed in the Sessions Table. Additional admins are not allowed to login once the max user count is reached. Admin users managing user sessions will be prevented from killing their own session if they attempt to do so. The message displayed is shown in the image:

 

 The Superuser/Tenant Admin can kill sessions for additional admin users.

LDAP, SAML or Azure Security Managers

You may notice a slightly different behavior if your tenant is configured for the LDAP, SAML or Azure Security Manager. The tenant admin user setup when your tenant was created or a tenant admin user set up in your IDP will be able to login once the max user count is reached.

For example, a tenant configured for the SAML Security Manager has an initial tenant admin user set up when the tenant was created (built-in) and has a tenant admin user in the Active Directory that SAML is using.

You can log into the tenant after the max user count is exceeded by:

  • Browsing this URL - http(s)://<server:port>/frevvo/web/login and logging into the tenant as the built-in admin OR
  • Browsing this URL - http(s)://<server:port>/frevvo/web/tn/<SAML tenant name>/login and logging in as the SAML user tenant admin  .

The tenant admin user will not appear in the Manage User session list or be counted against the license.

Logging in as a user from the Manage User screen

Once the max user limit has been reached message displays, the superuser/tenant admin cannot login as a user from the Manage Users page.

The tenant admin will see this message:

Changes to the Server Configuration screens

The Server Configuration screen, accessible to the superuser admin, shows the following changes:

  • Max Concurrent Users has been renamed to Max Concurrent Sessions.
  • The Current Session Count across all tenants has been added to the table.

The Tenant Admin will still see Max Concurrent Users on the View Configuration screen.

Cloud Log Entries for User Sessions

As users login/logout of frevvo, entries in the frevvo Cloud logs are captured. Here is a snippet of the logged statements when users jessica, robert and the tenant admin login and then logout of a tenant named mycompany.

2019-03-06 13:32:22.409 INFO 99d71fff-970b-40dc-8278-5ad1d43f1112 mycompany 17600 --- [http-nio-8082-exec-8] com.frevvo.users.UserQuota [mycompany jessica] [99d71fff-970b-40dc-8278-5ad1d43f1112 D1525B5FC43C8ADC19901C9948B8F9DA] [ ] : Tenant (mycompany): login: num users: 1. Server num users: 1
2019-03-06 13:32:22.429 INFO 99d71fff-970b-40dc-8278-5ad1d43f1112 mycompany 17600 --- [http-nio-8082-exec-8] com.frevvo.forms.web.LoginResource [mycompany jessica] [99d71fff-970b-40dc-8278-5ad1d43f1112 D1525B5FC43C8ADC19901C9948B8F9DA] [ ] : Login successful: jessica@mycompany
2019-03-06 13:32:31.870 INFO 18524c1c-a2c3-4080-8737-0adb791635e5 mycompany 17600 --- [http-nio-8082-exec-9] com.frevvo.users.UserQuota [mycompany robert] [18524c1c-a2c3-4080-8737-0adb791635e5 B2BBFD495B5F0138DD605D8E10BBD884] [ ] : Tenant (mycompany): login: num users: 2. Server num users: 2
2019-03-06 13:32:31.899 INFO 18524c1c-a2c3-4080-8737-0adb791635e5 mycompany 17600 --- [http-nio-8082-exec-9] com.frevvo.forms.web.LoginResource [mycompany robert] [18524c1c-a2c3-4080-8737-0adb791635e5 B2BBFD495B5F0138DD605D8E10BBD884] [ ] : Login successful: robert@mycompany
2019-03-06 13:32:50.037 INFO 41a2cb55-1df7-4085-b830-c5922cf813ca mycompany 17600 --- [http-nio-8082-exec-5] com.frevvo.forms.web.LoginResource [mycompany admin] [41a2cb55-1df7-4085-b830-c5922cf813ca B94148D7117A30A3AAF8CBF2540A7EAE] [ ] : Login successful: admin@mycompany
2019-03-06 13:34:38.079 INFO 27156f0b-d56b-483c-a142-34d1911e9ab4 mycompany 17600 --- [http-nio-8082-exec-3] com.frevvo.users.UserQuota [mycompany robert] [27156f0b-d56b-483c-a142-34d1911e9ab4 B2BBFD495B5F0138DD605D8E10BBD884] [ ] : Tenant (mycompany): logout: num users: 1. Server num users: 1
2019-03-06 13:34:38.081 INFO 27156f0b-d56b-483c-a142-34d1911e9ab4 mycompany 17600 --- [http-nio-8082-exec-3] com.frevvo.forms.web.LogoutResource [mycompany robert] [27156f0b-d56b-483c-a142-34d1911e9ab4 B2BBFD495B5F0138DD605D8E10BBD884] [ ] : Logout successful: robert@mycompany (tenant user count = 1)
2019-03-06 13:34:54.784 INFO ec029c69-425a-4291-802c-f771336df928 mycompany 17600 --- [http-nio-8082-exec-5] com.frevvo.users.UserQuota [mycompany jessica] [ec029c69-425a-4291-802c-f771336df928 D1525B5FC43C8ADC19901C9948B8F9DA] [ ] : Tenant (mycompany): logout: num users: 0. Server num users: 0
2019-03-06 13:34:54.784 INFO ec029c69-425a-4291-802c-f771336df928 mycompany 17600 --- [http-nio-8082-exec-5] com.frevvo.forms.web.LogoutResource [mycompany jessica] [ec029c69-425a-4291-802c-f771336df928 D1525B5FC43C8ADC19901C9948B8F9DA] [ ] : Logout successful: jessica@mycompany (tenant user count = 0)
2019-03-06 13:44:51.038 INFO 0cb6ceb9-4f3b-4ca1-8e67-37c1af7cfe44 mycompany 17600 --- [http-nio-8082-exec-9] com.frevvo.forms.web.LogoutResource [mycompany admin] [0cb6ceb9-4f3b-4ca1-8e67-37c1af7cfe44 B94148D7117A30A3AAF8CBF2540A7EAE] [ ] : Logout successful: admin@mycompany (tenant user count = 0)