On our single user demo system, I have an orphaned client that refused to go away.
Our demo system lives in a DMZ so we can access it from the outside world. I was preparing for a demo when I entered an incorrect password. (I had been logging in and out with no problem until then) I got the incorrect user/password notice. I entered the correct password. I was told that a client was already running and was blocked from running the application.
Now I can’t get rid of the “running” client. Because I am connected through a firewall the gateway shows the client connected from the firewalls IP.
We do something like this for our admin account in case we forget to logout.
if "Administrator" in system.security.getRoles() and system.util.getInactivitySeconds() > 900 and not system.security.isScreenLocked():
system.security.lockScreen()
elif "Administrator" in system.security.getRoles() and system.util.getInactivitySeconds() > 3600:
system.security.logout()
You could link this to a button action and substitute for hostnames,ip’s, or clientid’s, and customize to your needs.
The sessions are “remembered” across restarts of the Gateway b/c they are serialized in a file called “.sessions”. You could remove that file when the gateway is shut down and then start it back up.
We had a function for a while where if you were authenticated in the gateway web interface there was a “kill session” link next to each session in the Status section. I removed it b/c I thought it was silly b/c the active clients simply re-established their sessions transparently. I’ll add it back in b/c it would be useful to remove orphaned sessions.