How to use gs.getSession() functions for other users?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-21-2017 06:09 AM
We already have a script that cache certain items on our CMS portal. I am going to design a UI Action (button) on sys_user form. Clicking this button should do the following and clear the portal cache for that particular user. The problem is that I am unable to run this code for other users as these functions are related to current logged in user.
gs.getSession().clearClientData(CachedItem_1);
gs.getSession().clearClientData(CachedItem_2);
gs.getSession().clearClientData(CachedItem_3);
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-21-2017 06:12 AM
The ultimate way to clear your cache is with 'cache.do', but only administrators are supposed to use this as it can create performance issues.
Yes, gs.getSession() is used to find out information all about the current user. Are you sure you want user A to clear the cache for other users? This seems like a potential performance risk. What's the use case? Can you provide an example? Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-21-2017 06:28 AM
We have a script include specifically designed for our CMS portal. This script include has a function for caching certain items specific to that logged in user e.g. user's company, language, logo etc. using following statements.
gs.getSession().putClientData(Company);
gs.getSession().putClientData(language);
gs.getSession().putClientData(Logo);
There is another function in that script include for clearing above cached items using following statements. This particular function to clear cache is called when current logged in user changes the language from a language drop down available on the portal itself.
Now, I want to perform same action for other users by having a button on sys_user form. This button will of course be visible to authorized users only.
gs.getSession().clearClientData(Company);
gs.getSession().clearClientData(Language);
gs.getSession().clearClientData(Logo);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-21-2017 06:52 AM
If I'm not mistaken, the session data is kept both on the ServiceNow instance and on the user's browser via a session based cookie. As far as I know, there's no way to manipulate cookies from someone else's browser without them a) being at the browser, b) doing the action themselves. That would be a major security problem.
I'd be interested to hear what others have to say on the subject.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-21-2017 09:36 AM
The user's session will be cleared when they log out and log back in. In Istanbul and administrator can use the "Logged In Users" module to manually log out any active user session. Would that be good enough?
Why do you want to have an administrator manually clear out a user session? What is the business value?
