This post covers key points related to Session Manager in Oracle Access Manager (OAM) 11g. For step by step installation of OAM 11g click here
OAM – Oracle Access Manager (Web Access Management and Web SSO solution from Oracle)
SME – Session Management Engine (component of OAM)
Key Points for Session Management in OAM 11g
1. OAM 10g was stateless application where as in OAM 11g, user session is stateful (For list of difference between OAM 10g & 11g click here ).
2. In OAM 11g User Session Data is stateful and stored at following places
a) Local In-Memory Cache of each Managed Server on which OAM is running (oam_server1 on port 14100)
b) Distributed In-Memory Cache shared by all Managed Server on which OAM is running (For OAM 11g deployment in Cluster) using Coherence
c) Optionally in Database (under schema [prefix]_OAM created using RCU). To know more about RCU here
3. During install time (while running config.sh to create WebLogic domain), you select “Oracle Access Manager with Database Policy Store” which configures Policy Store and Session Store to database.
4. In OAM 11g (by default) Policy Data & User session data is stored in single database (details under $DOMAIN_HOME/config/jdbc/oam-db-jdbc.xml) under one schema however it is possible to configure OAM Policy Data in to one database and user session data in another database.
5. To configure User Session Data to different database check steps here
This is done by editing datasource jdbc/oamds under SmeDb in $DOMAIN_HOME/config/fmwconfig/oam-config.xml
6. Default User Session Datastore used by OAM is using oamDS JDBC datastore
7. There are three settings which determines User Session Lifecycle – Session Lifetime, Idle Timeout, Maximum Number of Sessions per User
These settings can be configured via http://serverName:port/oamconsole (Where Port is Admin Server Port – default 7001) -> System Configuration -> Server Instances -> Session
a) Session Lifetime : 480 minutes – User Session will expire after this period (even active user session)
b) Idle Timeout : 15 minutes – User Session will expire for any idle session for 15 minutes
c) Maximum Number of Sessions per User : 8 # User can have multiple session in OAM 11g
8. Administrator can Manage Active User Sessions (Find & Delete) from OAM Console http://serverName:port/oamconsole (Where Port is Admin Server Port – default 7001) -> System Configuration -> System Utilitiess -> Session Management
9. User session is stored in database (if configured) under tables : OAM_SESSION, OAM_SESSION_ATTRIBUTE