Session information

Value resolver – Abstract

Purpose: Returns the 'Session information' object for the current session.

images/download/attachments/91138138/image2022-3-3_11-41-19-version-1-modificationdate-1646304079203-api-v2.png

The Session information value resolver returns an entity of the 'Session information' type containing information about the current session or a login context temporarily changed by the Run as event action.

NOTE◄ The map can be enriched with specific additional content for the session in the additionalData field via the event 'Initialize additional session data' (see Login (Events)).
The 'Session information' object can only be accessed in read-only mode within a session.

The following table shows the content of the 'Session information' object structured by subjects. This also includes information that can be accessed directly via other value resolvers of the Session based (Resolvers) category.

In combination with the immediate field contents, the table also lists (with light blue shading) content that can be found under predefined keys in a map for 'Additional session data' (in the additionalData field).


Subject

Field name/Map[ Key ]

Data type

Content

Entity

Session information

 
id
 
Long

Internal ID of the 'Session information' object

Formally available but only assigned with default value: created (null), creatorId (0), ownerId (0), partialLoaded (false)

Login context

Temporarily variable by Run as event action:

User

 
user

'Interface > User'

User of session; depending on the type of session, a user or guest user account (see Users, Guest users)

Company

 
currentOwner

'Interface > Owner'

Company of session; a company account (see Company accounts)

 
additionalData[ parentCopmanies ]
 
Long[]

List of IDs of all Company accounts directly or indirectly superordinated to the Company of session.

Roll



 
currentRole

'Interface > Roles'

Role of session (see Roles)

 
permissionTree

'Permission tree'

Permissions of the Role of session as a tree structure

 
additionalData[ parentRoles ]
 
Long[]

List of IDs of all directly or indirectly parent Roles of the Role of session

Not influenced by the Run as event action (update only when a session is logged in):

Locale

 
locale
 
String

Current locale

Time zone
(not applicable for Guest users)

 
additionalData[ userTimeZone ]
 
String

Name of the 'default time zone' (defaultTimeZone) applicable in the session, according to the logged in user account or company account:

  • When both accounts define a different 'Default time zone', the specification in the user account has priority.

  • When neither of the two accounts defines a 'Default time zone', then the default time zone of the server effectively takes effect in the system. However, 'no value' (null) is specified as userTimeZone.

Text modules
(not applicable for Guest users)

These text modules were introduced for the original FLEX client type.
They may still be used, but they are not relevant for the client type HTML5_DESKTOP, which is used from version 4 of Lobster Data Platform / Orchestration onwards.

additionalData[ welcomeText ]

 
String

Concatenation of the following fields from the address of the logged in user account (user.address) separated by spaces:

  • Salutation (salutation)

  • Name 1 (name1)

  • Name 2 (name2)

additionalData[ welcomeTooltip ]

 
String

Concatenation of fields from the actual login context (user, role, company) according to the following structure:
{user.address.name1} {user.address.name2} ({user.id})
{currentRole.roleName}
{currentOwner.address.name1} ({currentOwner.id})

Client/Browser information

Client
&
browser

 
clientType
 
String

'Client type' (see Active users); mostly: HTML5_DESKTOP

 
dmzInfo
 
String

IP addresse of the DMZ

 
hostInfo
 
String

IP address of the client

 
userAgentName
 
String

Browser identifier

 
userAgentVersion
 
String

Browser version identifier

additionalData[ $client-id$ ]

 
String

Client endpoint ID

additionalData[ isMobile ]

 
Boolean

Indicator for 'mobile' session (see Mobiles Endgeraet)

Session information

Session

 
sessionToken
 
String

Session token (unique for the session)

 
startTime
 
Date

Start time of the current session

 
lastAccess
 
Date

'Last contact' to the server (see Active users)

 
lastActivity
 
Date

'Last activity' of the session on the server (see Active users)

 
safeMode
 
Boolean

Safe mode (safeMode) indicator

additionalData[ authHandler ]

 
String

Name of the specific class for the login type
(user login, guest user login or portal login)

additionalData[ serverURL ]

 
String

Base URL for calling the session (domain).

Additional session data

(see details above with blue shading)

 
additionalData
 
Map

Map with 'Additional session data' provided automatically by the system or before the start of the actual session via the 'Initialize additional session data' event.

Configuration

The Session information value resolver does not use any parameters and ignores the input value.

Example

In response to a specific Custom action event (XF_SESSION_DETAILS), a message with important information about the current session is displayed when a regular user (see Users) and not a guest user (see Guest users) is logged in.

Runtime example:

In the ribbon menu Administration/Data context a 'Session information' button is added in the context of selected views. This button is used to trigger the custom action event XF_SESSION_DETAILS 'on order'.

However, it can also be triggered automatically by other events (e.g. 'Client logged in', see Login (Events)) or within a workflow via the Dispatch action event.

An example of formatted output of specific data from the 'Session information' object is shown below on the right. Displayed here are:

  • CLIENT: Client type

  • BROWSER: Type and version of the browser used

  • SITE: URL used to log in the session

  • SESSION: Internal identifiers for the session

  • STARTED: Registration date

  • USER: User name and ID of the applicable user account

  • ROLE: Role name and ID of the applicable role

  • COMPANY: 'Name 1' from the address of the applicable company

NOTE◄ USER, ROLE and COMPANY may differ from the actual session within a workflow if a temporarily different login context is defined via the Run as event action.

images/download/attachments/91138138/image2022-3-3_11-53-30-version-1-modificationdate-1646304810540-api-v2.png

images/download/attachments/91138138/image2022-3-3_11-39-41-version-1-modificationdate-1646303981917-api-v2.png

Configuration:

A Custom action event XF_SESSION_DETAILS is created and assigned as a Triggering event to the event handler shown on the right.

The Validating rule is intended to ensure that the 'Session Details' display is only executed when a 'full' user (and not, for example, a guest user) is logged in.

The message should also not appear if, within a guest user session, the XF_SESSION_DETAILS event is triggered by a workflow in which the User of session has been temporarily modified by Run as. Therefore, the rule must not refer to the User of session or to the user field in the return value of Session information.

Here, within an Entity property rule rule, an Object property value resolver reads the value to the authHandler key in the map that provides the Session information in the additionalData field. This refers exactly to the full name of the UserAuthenticationHandler class (see static text on the right of the image) if the session goes back to a 'user login'. So the Validating rule will not be passed if there is a 'Guest user login' (via GuestUserAuthenticationHandler) or a 'Portal login' (via PortalAuthenticationHandler).

images/download/attachments/91138138/image2022-3-3_11-54-51-version-1-modificationdate-1646304891908-api-v2.png

A Show alert (Popup) event action is configured here as the Action on passed rule:

  • The Type 'Alert' has been selected here so that the message is displayed for an indefinite period of time and the user can also acknowledge it by clicking 'OK'. Furthermore, the text displayed in the 'Alert' can be selected if necessary and copied to the clipboard of the operating system. This should be explicitly possible here – e.g. for sending the displayed data in an e-mail to the support team.

  • The Title for the 'alert' is provided here by the Triggering event value resolver.

  • In the Message, the Session information value resolver returns the 'Session information' object that contains all the data to be output. The structure of the message can therefore be defined quite easily via the Template value resolver. This interprets the core:SessionInformation object provided as input as a 'print object', whose data is prepared here using XPath expressions in conjunction with literal values.

NOTE◄ In the example, the XPath expression for the value of the 'SITE' illustrates how accessing a value of the additionalData map via XPath (here via the serverURL key) works.

In place of the Template value resolver, a Concat strings could also be used here, which composes field values from the 'Session information' object in steps with static texts via Object property value resolvers. It should be noted that the field names (see also table above) in most cases, but not always completely, match the corresponding element or attribute names in the XML structure of the object. In the example, the XPath expression{@token} would be equivalent to accessing the sessionToken field of the object.

images/download/attachments/91138138/image2022-3-3_11-55-46-version-1-modificationdate-1646304946485-api-v2.png