Java Policy Agents 2023.3

HTTP Session Binding

When true, the agent invalidates the HTTP session in these circumstances:

  • Login failure

  • When the user has no SSO session

  • When the principal user name does not match the SSO user name

Property name

org.forgerock.agents.http.session.binding.enabled

Aliases

com.sun.identity.agents.config.httpsession.binding
  Introduced in Java Agent 5.0
  Recognized from AM 6

org.forgerock.agents.http.session.binding.enabled
  Introduced in Java Agent 5.6

Type

Boolean: true returns true; all other strings return false.

Default

true

Bootstrap property

No

Required property

No

Restart required

No

Local configuration file

AgentConfig.properties

AM console

Tab: Global

Title: HTTP Session Binding

Copyright © 2010-2023 ForgeRock, all rights reserved.