Background
From time to time, we are contacted by customers who are concerned about the vast amount of Active Sessions they see in Foundation Hub (Admin and Settings > Security > Active Sessions). The main concern is that this will have a negative impact on performance.
The impact on performance
It is normal to see a large number of Active Sessions, especially on a production system with high usage. A high number of Active Sessions do NOT have a negative impact on performance.
Two different types of sessions
There are two types of sessions, either with "Offline Access = No" (Online Session) or "Offline Access = Yes" (Offline Session).
The Online sessions will have an expiry time based on the "Session Global Timeout" setting, the default being 8h. The Offline sessions will have an expiry time of 30 days, a value that cannot be modified.
When sessions are created
Each time a user logs in from any "device", a new online session is created. A "device" in this context refers to the specific application like a Web Browser, the Pipeline Pilot Pro Client or any external application. Even if they are all running on the same physical device they are considered being separate "devices" from a login session point of view.
For example, if a user logs in through the Pipeline Pilot Pro Client, this will create a new online session with an expiry time of 8h. If the user then runs a protocol, another offline session will be created with an expiry time of 30 days. When running a second protocol, yet another offline session will be created with an expiry time of 30 days.
Some applications and/or customizations also makes extensive use of REST API calls. Each time a REST API login is made, another online session will be established and often followed by one or more offline sessions.
The reason we need the offline sessions
The offline sessions are granted to the specific Pipeline Pilot protocol being executed. The reason for these and their long expiry time is that the system cannot know in advance how long a protocol will take to run. In order for a protocol to continue running even if the user logs off or the Online login session expires, a session is required for each protocol to run under.
Examples
Using Foundation Hub with the Session Global Timeout = 8h
Example 1
Login to the Pipeline Pilot Pro Client and run some protocols (alternatively, login to the Web Port and run some protocols):
On login => session created, expiration 8h, Offline Access = No
Run protocol 1 => session created, expiration 30d , Offline Access = Yes
Run protocol 2 => session created, expiration 30d , Offline Access = Yes
In this example, the 30d sessions are the extensions to the original login sessions which allows users to kick off long-running jobs that can continue running even if the user is logged out from the main session.
Example 2
Login to the Foundation Hub and launch an application:
On login => session created, expiration 8h, Offline Access = No
Launching an application => session created, expiration 30d , Offline Access = Yes
Then, depending on the application, it may run one or more protocols to populate the application with some data and each protocol will cause a new Offline session to be created. In addition to this, the application might make some additional REST API calls (especially if the application has been customized) on behalf of the user and each REST execution will establish yet another 8h login session.