- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-02-2014 09:19 AM
I'm looking for a way to invalidate a user session on our ServiceNow instance to force them to relogin without locking their account.
I have not been able to determine a way to do this either in script or via the user or logged in users form.
Does anyone know if this is possible?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-02-2014 05:27 PM
When you lock out a user, it triggers a business rule called "Lock Out User" that terminates the user's session. You can use the script from that business rule to do the same without locking out the user's account.
// Get all sessions
var sessions = GlideSessions.get().getLoggedInSessionList();
var it = sessions.iterator();
while(it.hasNext()) {
var session = it.next();
// If session is current users session, invalidate the session
if (session.getUser() == current.user_name) {
var httpSession = session.getHS();
httpSession.setAttribute("locked_out", "true");
}
}
Blog: https://sys.properties | Telegram: https://t.me/sys_properties | LinkedIn: https://www.linkedin.com/in/slava-savitsky/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-03-2014 09:02 AM
Thanks Robert. There are times that we want to be able to on demand invalidate a user or set of users sessions. One such case is during certain releases where we want to force all users to relogin and create a new session. This script should allow me to invalidate users sessions. However I'm still investigating how to potentially do this for all current users since I think this would require me running this script on each node of my environment and I cannot designate which node I login to. I think I can achieve this via scheduled jobs by setting the job to run on a specific node.
-Bryan