As described in "WS-SecureConversation Architecture", OWSM maintains the client and server secure conversation session information based on a computed Session ID. OWSM (via an internal session mechanism) computes the Session ID at runtime for each message, and associates one or more requests to a session.
Session management commands provide a way for you to release resources on the server when you know that a given client no longer requires the session.
A session is re-used for all requests coming from the same client. In the event a session has been removed manually, a new session is created. If a session is not released manually, it is released the next time that the server hosting the JVM is restarted.
Use the WLST commands listed in Table 3-13 to administer sessions.
For additional information about using these commands, see "Managing Secure Conversation Sessions" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Table 3-13 Secure Conversation Session Management Commands
| Use this command... | To... | Use with WLST... |
|---|---|---|
|
Display details about the specified active session. |
Online |
|
|
List sessions that are currently active for the Session Manager. |
Online |
|
|
List sessions that are active for the Session Manager for a specified key-value pair. |
Online |
|
|
Remove an active session to clear the sessions in a store. |
Online |
Command Category: Secure Conversation Session Management
Use with WLST: Online
Description
Gets the specified Session object. sessionName is returned by listWebServiceSessionNames().
The returned session names are appropriate for use as the name parameter in subsequent calls to getWebServiceSessionInfo(String) and removeWebServiceSession(String) commands.
All of the WebLogic Server instances within a domain must be running in order for this command to succeed. The scope of the session is the current Persistence provider.
For additional information about using these commands, see "Managing Secure Conversation Sessions" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Syntax
getWebServiceSessionInfo ("sessionName")
| Arguments | Definition |
|---|---|
|
|
Name of the active session for which information is displayed. |
Examples
In the following example, information about the session named 215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b is returned.
wls:/base_domain/serverConfig>
getWebServiceSessionInfo('215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b')
Name: 215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b
Creation time: Mon Nov 04 17:47:39 PST 2013
Last update time: Mon Nov 04 17:47:42 PST 2013
Expiration time: Mon Nov 04 18:17:41 PST 2013
Key info: [oracle.wsm.security.secconv.util.property.SCT, 0x0000014225F1A1260AE4F30351FD1544DC10ED14201988C8CFEDFDBE8E0E4B09]
Command Category: Secure Conversation Session Management
Use with WLST: Online
Description
Lists the names of all active sessions visible within the domain for the current Persistence provider. The returned list is a snapshot of the visible session instances and is subject to change.
The returned names are appropriate for use as the name parameter in subsequent calls to getWebServiceSessionInfo() and removeWebServiceSession() commands.
All of the WebLogic Server instances within a domain must be running in order for this command to succeed. The scope of the session is the current Persistence provider.
For additional information about using these commands, see "Managing Secure Conversation Sessions" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Syntax
listWebServiceSessionNames()
Examples
In the following example, there is one active session.
wls:/base_domain/serverConfig> listWebServiceSessionNames()
215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b
Command Category: Secure Conversation Session Management
Use with WLST: Online
Description
Lists the names of all sessions that have the name keyName and the value keyValue. keyName and keyValue are returned by getWebServiceSessionInfo().
The returned session names are appropriate for use as the name parameter in subsequent calls to getWebServiceSessionInfo(String) and removeWebServiceSession(String) commands.
All of the WebLogic Server instances within a domain must be running in order for this command to succeed. The scope of the session is the current Persistence provider.
For additional information about using these commands, see "Managing Secure Conversation Sessions" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Syntax
listWebServiceSessionNamesForKey ("keyName", "keyValue")
| Arguments | Definition |
|---|---|
|
|
A string that specifies the key name for which to list the session names. |
|
|
A string that specifies the key value for which to list the session names. |
Examples
In the following example, there is one active session for the key name oracle.wsm.security.secconv.util.property.SCT that has a value of 0x0000014225F1A1260AE4F30351FD1544DC10ED14201988C8CFEDFDBE8E0E4B09.
wls:/base_domain/serverConfig> listWebServiceSessionNamesForKey('oracle.wsm.security.secconv.util.property.SCT', '0x0000014225F1A1260AE4F30351FD1544DC10ED14201988C8CFEDFDBE8E0E4B09') 215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b
Command Category: Secure Conversation Session Management
Use with WLST: Online
Description
Remove a Session object by giving its name. sessionName is returned by listWebServiceSessionNames().
All of the WebLogic Server instances within a domain must be running in order for this command to succeed. The scope of the session is the current Persistence provider.
For additional information about using these commands, see "Managing Secure Conversation Sessions" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Syntax
removeWebServiceSession ("sessionName")
| Arguments | Definition |
|---|---|
|
|
Name of the active session to remove. |
Examples
In the following example, the session named 215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b is removed.
wls:/base_domain/serverConfig>
removeWebServiceSession('215d0d4a5ebbc3fec662f46adedc5bc74ecbc87b')