User Interface Configuration
Order Management Server provides a web user interface to browse and perform actions on the orders and execution plans. Order Management Server UI is deployed as a separate application, and it requires parameters to connect to the Order Management Server application.
The following ports must be configured in case of plan preview with standalone Automated Order Plan Development:
The following table shows configurable parameters for the UI.
| Parameters | Description |
|---|---|
| Maximum Session Per User | Number of sessions allowed per user. By default, Order Management Server creates only one session for any user. In the case of a scenario in which multiple users share user id and password, this value needs to be set appropriately. |
| Error If Maximum Session Expired | You can either expire the user's previous login or you can report an error when the user tries to log in again, preventing the second login. Note that if you are using the second approach, a user who has not explicitly logged out (but who has just closed the browser, for example) cannot log in again until the original session expires. |
| Http Session Fixation Protection |
Session fixation vulnerabilities occur when the application authenticates a user without first invalidating the existing session ID, thereby continuing to use the session ID already associated with the user. The behavior can be controlled using the session-fixation-protection attribute, which has the following three options: |