Session Management deprecated
Introduction
With v7.10.0 the Open-Xchange middleware offers the user the possibility to check what other sessions are already active based on his credentials. Information shown per session consists of IP address, time of login, client and user-agent associated to this session. In case the IP-based geolocation service is active the location of the ip address is also shown. Additionally the user is able to terminate any of his sessions, e.g. if a device has been stolen.
Configuration
This feature is included in open-xchange-core package. Thus, no additional packages need to be installed.
Client blacklist
It's possible to blacklist client-identifiers, those sessions are not displayed for the user. This is recommended for clients that open user sessions for maintenance reasons. By default, the blacklist is empty. To blacklist clients, their client-identifiers have to be added to com.openexchange.session.management.clientBlacklist as a comma-separated list.
Use of geolocation service (optional)
With an active geolocation service, in the sessions overview the user gets information about the location, based on the IP address assigned to that session. To enable geolocation service, the package open-xchange-geoip-maxmind has to be enabled. The packages can be enabled in your chart's values.yaml:
core-mw:
  packages:
    status:
      open-xchange-geoip-maxmind: enabled
This package uses the geolocation service provided by MaxMind Inc. (www.maxmind.com), no further configuration of this service is needed.
Examples
Blacklisting clients
Example configuration to blacklist OX Mailapp and clients connected via Exchange ActiveSync:
com.openexchange.session.management.blacklist=open-xchange-mobile-api-facade,open-xchange-mailapp,USM-EAS
Example response for sessionmanagement?action=all
{
   "data":[
      {
         "sessionId":"1234...",
         "ipAddress":"10.0.0.1",
         "client":"open-xchange-appsuite",
         "userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
         "location":"Intranet",
         "loginTime":1523608503520,
         "lastActive":1523867134252,
         "device":{
            "displayName":"OX App Suite, Chrome 65 auf Linux",
            "os":{
               "name":"linux"
            },
            "client":{
               "name":"chrome",
               "version":"65",
               "type":"browser",
               "family":"chrome"
            }
         }
      },
      {
         "sessionId":"9876...",
         "ipAddress":"10.0.0.2",
         "client":"USM-EAS",
         "userAgent":"Open-Xchange USM HTTP Client",
         "location":"Intranet",
         "loginTime":1523556905644,
         "lastActive":1523867035734,
         "device":{
            "displayName":"Microsoft Exchange ActiveSync Client",
            "client":{
               "type":"eas",
               "family":"usmeasclient"
            }
         }
      }
   ]
}
Clients are grouped in the following types: * browser - e.g. for web UI
 * oxapp - for apps like OX Drive or OX Mailapp * eas - for clients connected via Exchange ActiveSync * dav - for clients connected via CalDAV/CardDAV * other - all other clients
