The Purge Expired Data plugin can also be used to delete values of an attribute that have expired. For example, an application may track information about an employee’s session, but the session should expire after 24 hours. There may be multiple active sessions tracked across different devices, with session information that looks like this:

sessionInfo: { “sessionId” : “E85FAC04E331FFCA55549B10B7C7A4FA”,
"ipAddress": "", "userAgent": "Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us)
AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10",
“creationTime” : “2018-03-31T13:10:15Z” }

In this example, the LDAP attribute is sessioninfo, and the JSON field that stores the timestamp is creationTime. These are used to configure the Purge Expired Data plugin.

To purge the JSON attribute values after 24 hours, rather than the entire session entry, the plugin can be created with the following steps.

  1. Create an index on the creationTime field of the sessioninfo attribute:
    $ bin/dsconfig create-json-attribute-constraints \
      --attribute-type sessioninfo \
      --set enabled:true
    $ bin/dsconfig create-json-field-constraints \
      --attribute-type sessioninfo \
      --json-field creationTime \
      --set index-values:true \
      --set value-type:string
  2. Create and enable the plugin:
    $ bin/dsconfig create-plugin \
      --plugin-name "Purge Old Session Data Plugin" \
      --type purge-expired-data \
      --set enabled:true \
      --set "custom-datetime-format:yyyy-MM-dd'T'HH:mm:ss'Z'" \
      --set datetime-attribute:sessioninfo \
      --set datetime-format:custom \
      --set datetime-json-field:creationTime \
      --set "expiration-offset:1 d" \
      --set purge-behavior:delete-json-attribute-values