You can verify your configured session lifecycle operations.
Authenticate:
Access a resource from a browser using a credential other than your Administrative credential.
Verify that the session exists, as described in "Locating and Managing Active Sessions".
Multiple Sessions:
From a second browser (with cookies removed), access the same resource.
Verify that two sessions exist.
Delete all sessions, (Step 7 of "Locating and Managing Active Sessions") and confirm that the Active sessions are removed.
Re-authentication Verification:
From the second browser (Step 2), access a different resource to confirm that you must re-authenticate.
Enter credentials for the resource.
Verify that a session was created.
Database Verification:
Delete all sessions.
Connect to the database and run the following query:
SQL> select * from oam_session
Confirm that you see the following results:
no row selected
From the second browser, access a different resource.
Connect to the database and run the following query
SQL> select * from oam_session
Confirm that you see one row of data:
1 rows selected
Select rows from OAM_SESSION_ATTRIBUTES and confirm that data exists for the user.