Skip to main content

Understanding Sitecore Kick User Tool

Understanding Sitecore Kick User Tool

Sitecore allows a restricted number of content author logins. The user licensing process in Sitecore is straightforward: every user logging into the Sitecore Client consumes a licensing slot, and the number of concurrent users must not exceed the allowed limit based on your license. Once it reaches the maximum limit, Sitecore will redirect the content author to "https://WEBSITE//sitecore/client/Applications/LicenseOptions/KickUser.aspx" page.

What is a Sitecore Content Author Login Limitation?

To verify the Sitecore content author login limit, please adhere to the steps provided below:

  • Open License.xml file
  • Search ‘SiteCore.EditorUser’ in the License file
  • Check  <count>  tag.


KickUser.aspx

Once the user reaches the maximum number of allowed users, it will be redirected KickUser.aspx page. On KickUser.aspx  you will able to perform below two options:


1. Kick off a user from Sitecore

Once you will click on the "Kick off user" button, you will able to see all logged users and you can kick out the user via the "Kick off user" button.


NOTE
  • When a user logs in to multiple browsers or devices, multiple entries will be visible on the KickUser page.
  • When a user is kicked out by another user, the kicked user can still continue their work until their ASPXAUTH cookie expires.

2. Increase the number of allowed users

In case your company holds an active and up-to-date Sitecore maintenance or subscription agreement, it is possible to augment the number of licensed users (concurrent users), even if your current license does not encompass these extra users.



DomainAccessGuard

The DomainAccessGuard class manages the active sessions for users who are authenticated and logged into Sitecore. 

All DomainAccessGuard related functionality is available in Sitecore.Web.Authentication.DomainAccessGuard class in Sitecore.Kernel DLL.



  • DomainAccessGuard.Sessions will provide you all logged-in sessions detail.


  • DomainAccessGuard.Kick(sessionId) function allow to kick the user programmatically.



Expiration of Sessions for the Sitecore Client

AUTHENTICATION CLIENT SESSION TIMEOUT sets the duration, in minutes, for which Sitecore considers user authentication session tickets valid before expiring them. This setting is applicable only for users accessing the Sitecore Client when the license limits the number of concurrent editors.

Expired sessions will be automatically cleared when a new user attempts to log in and the maximum allowable concurrent editors have been reached. By default, the timeout is set to 60 minutes (1 hour).

<setting name="Authentication.ClientSessionTimeout" value="60" />

Comments

Popular posts from this blog

Sitecore 10.2 - “Failed to start service ‘Sitecore Marketing Automation Engine’” on Windows 11

Sitecore 10.2 - “Failed to start service ‘Sitecore Marketing Automation Engine' ” on Windows 11 Today I started to install Sitecore 10.2 using Sitecore Instance Manager on Windows 11 and I got this issue “Failed to start service ‘Sitecore Marketing Automation Engine' ” . Error : On event viewer it was showing the below error: I also tried to run ‘ Sitecore.MAEngine.exe ’ like this C:\Windows\system32>C:\inetpub\wwwroot\sclocal102xconnect.dev.local\App_Data\jobs\continuous\AutomationEngine\Sitecore.MAEngine.exe Which was throwing below error: Starting Marketing Automation Engine... 2022-01-29 22:21:11 ERR Error initializing XConnect client. System.AggregateException: One or more errors occurred. ---> Sitecore.XConnect.XdbCollectionUnavailableException: An error occurred while sending the request. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected err...

Sitecore Custom API Issue with Federation Authentication

Sitecore Custom API Issue with Federation Authentication In earlier segments, detailed in Part 1 and Part 2 of the blogs on Keycloak Integration with Sitecore, I introduced Keycloak functionality for CM login. Concurrently, I addressed a necessity to develop custom APIs for retrieving Sitecore users and roles. Following the development of custom APIs, during authentication failures, the API erroneously returned a status code of 200 instead of 401. The problem arose because API requests were being routed through the "owin.identityProviders" pipeline, which was not intended for API usage. Solution: When OWIN identifies a 401 response and the AuthenticationMode is set to "Active," it fails to capture the URL hash included in the request. Another choice is to activate the "Passive" AuthenticationMode, wherein OWIN refrains from actively intercepting 401 responses. In passive mode, your application needs to explicitly issue a Challenge to trigger the OWIN aut...

Azure AD Integration with Sitecore 10.2

 Azure AD Integration with Sitecore 10.2 Sitecore identity server that comes with Sitecore 9.1 allows you to log in through an external identity provider like Azure Active Directory, Facebook, Apple, or Google. It is built on Federation Authentication. What is Federation Authentication? Federation authentication is a technology to allows users to access multiples application, tools, and domains using one credential. Using one set of credential user can access multiple applications, and resources after authentication.  Federation authentication consists of two systems, the Identity provider and the Service provider. Identity providers that maintain/create/manage identity information like name, email address, device, and location. Some examples of identity providers are Azure AD, Google, Facebook, and Apple. Service providers basically refer to a website, software, or app that the user is trying to access and SP basically relies on the identity provider to authenticate the user ...