User Interface Configuration

OMS provides a web user interface to browse and perform actions on the orders and execution plans. OMS UI is deployed as a separate application, and it requires parameters to connect to OMS Server application.

Note: OMS does not support deploying OMS UI application and OMS Server application separately in different containers. OMS UI also provides configurable parameters to control the access to the application.
User Interface Configuration

The following ports must be configured in case of plan preview with standalone AOPD:

  • localhost: host for standalone AOPD used for plan preview from OMSUI
  • port: port for standalone AOPD used for planpreview from OMSUI.

The following table shows configurable parameters for the UI.

Parameters Description
Maximum Session Per User Number of sessions allowed per user. By default, OMS creates only one session for any user. In the case of a scenario in which multiple users share user id and password, this value needs to be set appropriately.
Error If Maximum Session Expired You can either expire the user's previous login or you can report an error when the user tries to log in again, preventing the second login. Note that if you are using the second approach, a user who has not explicitly logged out (but who has just closed the browser, for example) cannot log in again until the original session expires.
Http Session Fixation Protection

Session fixation vulnerabilities occur when the application authenticates a user without first invalidating the existing session ID, thereby continuing to use the session ID already associated with the user. The behavior can be controlled using the session-fixation-protection attribute which has the following three options:

  • migrateSession - creates a new session and copies the existing session attributes to the new session. This is the default.
  • none - Don't do anything. The original session is retained.
  • newSession - Create a new, clean session without copying the existing session data.