diff --git a/Changes.md b/Changes.md
index 01a3544..b09283e 100644
--- a/Changes.md
+++ b/Changes.md
@@ -4,6 +4,7 @@
 
 * Fix SAML regression
 * Fix Captcha rule bug
+* Add admin global logout
 
 ## v2.20.0-3 _(2024-10-25)_
 * Add ReCaptcha v3
diff --git a/full/Dockerfile b/full/Dockerfile
index 95ad4ae..6de4aac 100644
--- a/full/Dockerfile
+++ b/full/Dockerfile
@@ -24,6 +24,7 @@ RUN \
     echo patch ignorepollers.patch && patch -p1 < ignorepollers.patch && \
     echo patch fixedLogout.patch && patch -p1 < fixedLogout.patch && \
     echo patch matrix-token-exchange.patch && patch -p1 < matrix-token-exchange.patch && \
+    echo patch globalLogout.patch && patch -p1 < globalLogout.patch && \
     rm -f *.patch && \
     LLNG_DEFAULTCONFFILE=/etc/lemonldap-ng/lemonldap-ng.ini \
     perl -MLemonldap::NG::Manager::Build -e 'Lemonldap::NG::Manager::Build->run( \
diff --git a/full/globalLogout.patch b/full/globalLogout.patch
new file mode 100644
index 0000000..7437112
--- /dev/null
+++ b/full/globalLogout.patch
@@ -0,0 +1,77 @@
+diff --git a/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm b/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm
+index edf6a5f19..89c7571d2 100644
+--- a/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm
++++ b/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm
+@@ -40,6 +40,13 @@ sub init {
+         ['DELETE']
+       )
+ 
++      # DELETE ALL SESSIONS FOR A USER
++      ->addRoute(
++        sessions =>
++          { glogout => { ':sessionType' => { ':sessionId' => 'userLogout' } } },
++        ['POST']
++      )
++
+       # DELETE OIDC CONSENT
+       ->addRoute(
+         sessions => {
+@@ -60,6 +67,58 @@ sub init {
+     return 1;
+ }
+ 
++#
++# User logout
++#
++
++sub userLogout {
++    my ( $self, $req ) = @_;
++
++    my $mod = $self->getMod($req)
++      or return $self->sendError( $req, undef, 400 );
++    my $id = $req->params('sessionId')
++      or return $self->sendError( $req, 'sessionId is missing', 400 );
++    my $session = $self->getApacheSession( $mod, $id );
++
++    my $uidKey = Lemonldap::NG::Handler::Main->tsv->{whatToTrace};
++    my $uid    = $session->data->{$uidKey};
++
++    my $count = 0;
++    foreach my $storage (qw(oidcStorage sessionStorage)) {
++        my $storageModule =
++          Lemonldap::NG::Handler::Main->tsv->{"${storage}Module"};
++        if ( defined $storageModule ) {
++            next if ( $storageModule eq "Apache::Session::Memcached" );
++            my $opts = Lemonldap::NG::Handler::Main->tsv->{"${storage}Options"};
++            $opts->{backend} = $storageModule;
++            my $sessions =
++              Lemonldap::NG::Common::Apache::Session->searchOn( $opts, $uidKey,
++                $uid );
++            my @keys;
++            if ( $sessions and %$sessions ) {
++                @keys = keys %$sessions;
++                foreach my $sid (@keys) {
++                    my $session = Lemonldap::NG::Common::Session->new(
++                        storageModule        => $storageModule,
++                        storageModuleOptions => $opts,
++                        cacheModule => Lemonldap::NG::Handler::Main->tsv
++                          ->{sessionCacheModule},
++                        cacheModuleOptions => Lemonldap::NG::Handler::Main->tsv
++                          ->{sessionCacheOptions},
++                        id => $sid,
++                    );
++                    if ( $session->data ) {
++                        $session->remove;
++                        $count++;
++                    }
++                }
++            }
++        }
++    }
++    Lemonldap::NG::Handler::PSGI::Main->localUnlog( $req, $id );
++    return $self->sendJSONresponse( $req, { result => 1, count => $count } );
++}
++
+ #######################
+ # II. CONSENT METHODS #
+ #######################
diff --git a/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.js b/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.js
new file mode 100644
index 0000000..7cb8cb9
--- /dev/null
+++ b/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.js
@@ -0,0 +1,863 @@
+// Generated by CoffeeScript 2.7.0
+(function() {
+  /*
+   * Sessions explorer
+   */
+  /*
+   * AngularJS application
+   */
+  var categories, hiddenAttributes, llapp, max, menu, overScheme, schemes;
+
+  // Max number of session to display (see overScheme)
+  max = 25;
+
+  // Queries to do each type of display: each array item corresponds to the depth
+  // of opened nodes in the tree
+  schemes = {
+    _whatToTrace: [
+      // First level: display 1 letter
+      function(t,
+      v) {
+        return `groupBy=substr(${t},1)`;
+      },
+      // Second level (if no overScheme), display usernames
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=${t}`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}`;
+      }
+    ],
+    ipAddr: [
+      function(t,
+      v) {
+        return `groupBy=net(${t},16,1)`;
+      },
+      function(t,
+      v) {
+        if (!v.match(/:/)) {
+          v = v + '.';
+        }
+        return `${t}=${v}*&groupBy=net(${t},32,2)`;
+      },
+      function(t,
+      v) {
+        if (!v.match(/:/)) {
+          v = v + '.';
+        }
+        return `${t}=${v}*&groupBy=net(${t},48,3)`;
+      },
+      function(t,
+      v) {
+        if (!v.match(/:/)) {
+          v = v + '.';
+        }
+        return `${t}=${v}*&groupBy=net(${t},128,4)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}&groupBy=_whatToTrace`;
+      },
+      function(t,
+      v,
+      q) {
+        return q.replace(/\&groupBy.*$/,
+      '') + `&_whatToTrace=${v}`;
+      }
+    ],
+    _startTime: [
+      function(t,
+      v) {
+        return `groupBy=substr(${t},8)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=substr(${t},10)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=substr(${t},11)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=substr(${t},12)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=_whatToTrace`;
+      },
+      function(t,
+      v,
+      q) {
+        console.log(t);
+        console.log(v);
+        console.log(q);
+        return q.replace(/\&groupBy.*$/,
+      '') + `&_whatToTrace=${v}`;
+      }
+    ],
+    doubleIp: [
+      function(t,
+      v) {
+        return t;
+      },
+      function(t,
+      v) {
+        return `_whatToTrace=${v}&groupBy=ipAddr`;
+      },
+      function(t,
+      v,
+      q) {
+        return q.replace(/\&groupBy.*$/,
+      '') + `&ipAddr=${v}`;
+      }
+    ],
+    _session_uid: [
+      // First level: display 1 letter
+      function(t,
+      v) {
+        return `groupBy=substr(${t},1)`;
+      },
+      // Second level (if no overScheme), display usernames
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=${t}`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}`;
+      }
+    ]
+  };
+
+  // When number of children nodes exceeds "max" value and if "overScheme.<type>"
+  // is available and does not return "null", a level is added. See
+  // "$scope.updateTree" method
+  overScheme = {
+    _whatToTrace: function(t, v, level, over) {
+      // "v.length > over" avoids a loop if one user opened more than "max"
+      // sessions
+      console.log('overScheme => level', level, 'over', over);
+      if (level === 1 && v.length > over) {
+        return `${t}=${v}*&groupBy=substr(${t},${level + over + 1})`;
+      } else {
+        return null;
+      }
+    },
+    // Note: IPv4 only
+    ipAddr: function(t, v, level, over) {
+      console.log('overScheme => level', level, 'over', over);
+      if (level > 0 && level < 4 && !v.match(/^\d+\.\d/) && over < 2) {
+        return `${t}=${v}*&groupBy=net(${t},${16 * level + 4 * (over + 1)},${1 + level + over})`;
+      } else {
+        return null;
+      }
+    },
+    _startTime: function(t, v, level, over) {
+      console.log('overScheme => level', level, 'over', over);
+      if (level > 3) {
+        return `${t}=${v}*&groupBy=substr(${t},${10 + level + over})`;
+      } else {
+        return null;
+      }
+    },
+    _session_uid: function(t, v, level, over) {
+      console.log('overScheme => level', level, 'over', over);
+      if (level === 1 && v.length > over) {
+        return `${t}=${v}*&groupBy=substr(${t},${level + over + 1})`;
+      } else {
+        return null;
+      }
+    }
+  };
+
+  hiddenAttributes = '_password';
+
+  // Attributes to group in session display
+  categories = {
+    dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen'],
+    connectionTitle: ['ipAddr', '_timezone', '_url'],
+    authenticationTitle: ['_session_id', '_user', '_password', 'authenticationLevel'],
+    modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti', '_2f'],
+    saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump'],
+    groups: ['groups', 'hGroups'],
+    ldap: ['dn'],
+    OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token', '_oidc_refresh_token', '_oidc_access_token_eol', '_oidcConnectedRP', '_oidcConnectedRPIDs'],
+    sfaTitle: ['_2fDevices'],
+    oidcConsents: ['_oidcConsents']
+  };
+
+  // Menu entries
+  menu = {
+    session: [
+      {
+        title: 'deleteSession',
+        icon: 'trash'
+      },
+      {
+        title: 'globalLogout',
+        icon: 'trash'
+      }
+    ],
+    home: []
+  };
+
+  llapp = angular.module('llngSessionsExplorer', ['ui.tree', 'ui.bootstrap', 'llApp']);
+
+  // Main controller
+  llapp.controller('SessionsExplorerCtrl', [
+    '$scope',
+    '$translator',
+    '$location',
+    '$q',
+    '$http',
+    function($scope,
+    $translator,
+    $location,
+    $q,
+    $http) {
+      var autoId,
+    c,
+    pathEvent,
+    sessionType;
+      $scope.links = links;
+      $scope.menulinks = menulinks;
+      $scope.staticPrefix = staticPrefix;
+      $scope.scriptname = scriptname;
+      $scope.formPrefix = formPrefix;
+      $scope.impPrefix = impPrefix;
+      $scope.sessionTTL = sessionTTL;
+      $scope.availableLanguages = availableLanguages;
+      $scope.waiting = true;
+      $scope.showM = false;
+      $scope.showT = true;
+      $scope.data = [];
+      $scope.currentScope = null;
+      $scope.currentSession = null;
+      $scope.menu = menu;
+      // Import translations functions
+      $scope.translateP = $translator.translateP;
+      $scope.translate = $translator.translate;
+      $scope.translateTitle = function(node) {
+        return $translator.translateField(node,
+    'title');
+      };
+      sessionType = 'global';
+      // Handle menu items
+      $scope.menuClick = function(button) {
+        if (button.popup) {
+          window.open(button.popup);
+        } else {
+          if (!button.action) {
+            button.action = button.title;
+          }
+          switch (typeof button.action) {
+            case 'function':
+              button.action($scope.currentNode,
+    $scope);
+              break;
+            case 'string':
+              $scope[button.action]();
+              break;
+            default:
+              console.log(typeof button.action);
+          }
+        }
+        return $scope.showM = false;
+      };
+      // SESSION MANAGEMENT
+
+      // Delete RP Consent
+      $scope.deleteOIDCConsent = function(rp,
+    epoch) {
+        var items;
+        items = document.querySelectorAll(`.data-${epoch}`);
+        $scope.waiting = true;
+        $http['delete'](`${scriptname}sessions/OIDCConsent/${sessionType}/${$scope.currentSession.id}?rp=${rp}&epoch=${epoch}`).then(function(response) {
+          var e,
+    i,
+    len,
+    results;
+          $scope.waiting = false;
+          results = [];
+          for (i = 0, len = items.length; i < len; i++) {
+            e = items[i];
+            results.push(e.remove());
+          }
+          return results;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+        return $scope.showT = false;
+      };
+      // Delete
+      $scope.deleteSession = function() {
+        $scope.waiting = true;
+        return $http['delete'](`${scriptname}sessions/${sessionType}/${$scope.currentSession.id}`).then(function(response) {
+          $scope.currentSession = null;
+          $scope.currentScope.remove();
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+      };
+      $scope.globalLogout = function() {
+        $scope.waiting = true;
+        return $http['post'](`${scriptname}sessions/glogout/${sessionType}/${$scope.currentSession.id}`).then(function(response) {
+          $scope.currentSession = null;
+          $scope.currentScope.remove();
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+      };
+      // Open node
+      $scope.stoggle = function(scope) {
+        var node;
+        node = scope.$modelValue;
+        if (node.nodes.length === 0) {
+          $scope.updateTree(node.value,
+    node.nodes,
+    node.level,
+    node.over,
+    node.query,
+    node.count);
+        }
+        return scope.toggle();
+      };
+      // Display selected session
+      $scope.displaySession = function(scope) {
+        var sessionId,
+    transformSession;
+        // Private functions
+
+        // Session preparation
+        transformSession = function(session) {
+          var _insert,
+    array,
+    attr,
+    attrs,
+    category,
+    cv,
+    element,
+    epoch,
+    i,
+    j,
+    k,
+    key,
+    l,
+    len,
+    len1,
+    len2,
+    len3,
+    len4,
+    len5,
+    m,
+    name,
+    o,
+    oidcConsent,
+    p,
+    real,
+    ref,
+    ref1,
+    res,
+    sfDevice,
+    spoof,
+    subres,
+    tab,
+    time,
+    title,
+    tmp,
+    value;
+          _insert = function(re,
+    title) {
+            var cv,
+    i,
+    key,
+    len,
+    reg,
+    tab,
+    tmp,
+    val,
+    value,
+    vk;
+            tmp = [];
+            reg = new RegExp(re);
+            cv = "";
+            for (key in session) {
+              value = session[key];
+              if (key.match(reg) && value) {
+                cv += `${value}:${key},`;
+                delete session[key];
+              }
+            }
+            if (cv) {
+              cv = cv.replace(/,$/,
+    '');
+              tab = cv.split(',');
+              tab.sort();
+              tab.reverse();
+              for (i = 0, len = tab.length; i < len; i++) {
+                val = tab[i];
+                vk = val.split(':');
+                tmp.push({
+                  title: vk[1],
+                  value: $scope.localeDate(vk[0])
+                });
+              }
+              return res.push({
+                title: title,
+                nodes: tmp
+              });
+            }
+          };
+          time = session._utime;
+// 1. Replace values if needed
+          for (key in session) {
+            value = session[key];
+            if (!value) {
+              delete session[key];
+            } else {
+              if (typeof session === 'string' && value.match(/; /)) {
+                session[key] = value.split('; ');
+              }
+              if (typeof session[key] !== 'object') {
+                if (hiddenAttributes.match(new RegExp('\b' + key + '\b'))) {
+                  session[key] = '********';
+                } else if (key.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)) {
+                  session[key] = $scope.localeDate(value);
+                } else if (key.match(/^(_startTime|_updateTime)$/)) {
+                  session[key] = $scope.strToLocaleDate(value);
+                }
+              }
+            }
+          }
+          res = [];
+// 2. Push session keys in result, grouped by categories
+          for (category in categories) {
+            attrs = categories[category];
+            subres = [];
+            for (i = 0, len = attrs.length; i < len; i++) {
+              attr = attrs[i];
+              if (session[attr]) {
+                if (attr === "_2fDevices" && session[attr]) {
+                  array = JSON.parse(session[attr]);
+                  if (array.length > 0) {
+                    subres.push({
+                      title: "type",
+                      value: "name",
+                      epoch: "date",
+                      td: "0"
+                    });
+                    for (j = 0, len1 = array.length; j < len1; j++) {
+                      sfDevice = array[j];
+                      for (key in sfDevice) {
+                        value = sfDevice[key];
+                        if (key === 'type') {
+                          title = value;
+                        }
+                        if (key === 'name') {
+                          name = value;
+                        }
+                        if (key === 'epoch') {
+                          epoch = value;
+                        }
+                      }
+                      subres.push({
+                        title: title,
+                        value: name,
+                        epoch: epoch,
+                        td: "1"
+                      });
+                    }
+                  }
+                  delete session[attr];
+                } else if (session[attr].toString().match(/"rp":\s*"[\w-]+"/)) {
+                  subres.push({
+                    title: "RP",
+                    value: "scope",
+                    epoch: "date",
+                    td: "0"
+                  });
+                  array = JSON.parse(session[attr]);
+                  for (k = 0, len2 = array.length; k < len2; k++) {
+                    oidcConsent = array[k];
+                    for (key in oidcConsent) {
+                      value = oidcConsent[key];
+                      if (key === 'rp') {
+                        title = value;
+                      }
+                      if (key === 'scope') {
+                        name = value;
+                      }
+                      if (key === 'epoch') {
+                        epoch = value;
+                      }
+                    }
+                    subres.push({
+                      title: title,
+                      value: name,
+                      epoch: epoch,
+                      td: "2"
+                    });
+                  }
+                  delete session[attr];
+                } else if (session[attr].toString().match(/\w+/)) {
+                  subres.push({
+                    title: attr,
+                    value: session[attr],
+                    epoch: ''
+                  });
+                  delete session[attr];
+                } else {
+                  delete session[attr];
+                }
+              } else {
+                delete session[attr];
+              }
+            }
+            if (subres.length > 0) {
+              res.push({
+                title: `__${category}__`,
+                nodes: subres
+              });
+            }
+          }
+          // 3. Add OpenID and notifications already notified
+          _insert('^openid',
+    'OpenID');
+          _insert('^notification_(.+)',
+    '__notificationsDone__');
+          // 4. Add session history if exists
+          if (session._loginHistory) {
+            tmp = [];
+            if (session._loginHistory.successLogin) {
+              ref = session._loginHistory.successLogin;
+              for (m = 0, len3 = ref.length; m < len3; m++) {
+                l = ref[m];
+                // History custom values
+                cv = "";
+                for (key in l) {
+                  value = l[key];
+                  if (!key.match(/^(_utime|ipAddr|error)$/)) {
+                    cv += `, ${key} : ${value}`;
+                  }
+                }
+                tab = cv.split(', ');
+                tab.sort();
+                cv = tab.join(', ');
+                tmp.push({
+                  t: l._utime,
+                  title: $scope.localeDate(l._utime),
+                  value: `Success (IP ${l.ipAddr})` + cv
+                });
+              }
+            }
+            if (session._loginHistory.failedLogin) {
+              ref1 = session._loginHistory.failedLogin;
+              for (o = 0, len4 = ref1.length; o < len4; o++) {
+                l = ref1[o];
+                // History custom values
+                cv = "";
+                for (key in l) {
+                  value = l[key];
+                  if (!key.match(/^(_utime|ipAddr|error)$/)) {
+                    cv += `, ${key} : ${value}`;
+                  }
+                }
+                tab = cv.split(', ');
+                tab.sort();
+                cv = tab.join(', ');
+                tmp.push({
+                  t: l._utime,
+                  title: $scope.localeDate(l._utime),
+                  value: `Error ${l.error} (IP ${l.ipAddr})` + cv
+                });
+              }
+            }
+            delete session._loginHistory;
+            tmp.sort(function(a,
+    b) {
+              return b.t - a.t;
+            });
+            res.push({
+              title: '__loginHistory__',
+              nodes: tmp
+            });
+          }
+          // 5. Other keys (attributes and macros)
+          tmp = [];
+          for (key in session) {
+            value = session[key];
+            tmp.push({
+              title: key,
+              value: value
+            });
+          }
+          tmp.sort(function(a,
+    b) {
+            if (a.title > b.title) {
+              return 1;
+            } else if (a.title < b.title) {
+              return -1;
+            } else {
+              return 0;
+            }
+          });
+          // Sort by real and spoofed attributes
+          real = [];
+          spoof = [];
+          for (p = 0, len5 = tmp.length; p < len5; p++) {
+            element = tmp[p];
+            if (element.title.match(new RegExp('^' + $scope.impPrefix + '.+$'))) {
+              console.log(element,
+    '-> real attribute');
+              real.push(element);
+            } else {
+              //console.log element, '-> spoofed attribute'
+              spoof.push(element);
+            }
+          }
+          tmp = spoof.concat(real);
+          res.push({
+            title: '__attributesAndMacros__',
+            nodes: tmp
+          });
+          return {
+            _utime: time,
+            nodes: res
+          };
+        };
+        $scope.currentScope = scope;
+        sessionId = scope.$modelValue.session;
+        $http.get(`${scriptname}sessions/${sessionType}/${sessionId}`).then(function(response) {
+          $scope.currentSession = transformSession(response.data);
+          return $scope.currentSession.id = sessionId;
+        });
+        return $scope.showT = false;
+      };
+      $scope.localeDate = function(s) {
+        var d;
+        d = new Date(s * 1000);
+        return d.toLocaleString();
+      };
+      $scope.isValid = function(epoch,
+    type) {
+        var isValid,
+    now,
+    path;
+        path = $location.path();
+        now = Date.now() / 1000;
+        console.log("Path",
+    path);
+        console.log("Session epoch",
+    epoch);
+        console.log("Current date",
+    now);
+        console.log("Session TTL",
+    sessionTTL);
+        isValid = now - epoch < sessionTTL || $location.path().match(/^\/persistent/);
+        if (type === 'msg') {
+          console.log("Return msg");
+          if (isValid) {
+            return "info";
+          } else {
+            return "warning";
+          }
+        } else if (type === 'style') {
+          console.log("Return style");
+          if (isValid) {
+            return {};
+          } else {
+            return {
+              'color': '#627990',
+              'font-style': 'italic'
+            };
+          }
+        } else {
+          console.log("Return isValid");
+          return isValid;
+        }
+      };
+      $scope.strToLocaleDate = function(s) {
+        var arrayDate,
+    d;
+        arrayDate = s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);
+        if (!arrayDate.length) {
+          return s;
+        }
+        d = new Date(`${arrayDate[1]}-${arrayDate[2]}-${arrayDate[3]}T${arrayDate[4]}:${arrayDate[5]}:${arrayDate[6]}`);
+        return d.toLocaleString();
+      };
+      // Function to change interface language
+      $scope.getLanguage = function(lang) {
+        $scope.lang = lang;
+        $scope.form = 'white';
+        $scope.init();
+        return $scope.showM = false;
+      };
+      // URI local path management
+      pathEvent = function(event,
+    next,
+    current) {
+        var n;
+        n = next.match(/#!?\/(\w+)/);
+        sessionType = 'global';
+        if (n === null) {
+          $scope.type = '_whatToTrace';
+        } else if (n[1].match(/^(persistent|offline)$/)) {
+          sessionType = RegExp.$1;
+          $scope.type = '_session_uid';
+        } else {
+          $scope.type = n[1];
+        }
+        return $scope.init();
+      };
+      $scope.$on('$locationChangeSuccess',
+    pathEvent);
+      // Function to update tree: download value of opened subkey
+      autoId = 0;
+      $scope.updateTree = function(value,
+    node,
+    level,
+    over,
+    currentQuery,
+    count) {
+        var query,
+    scheme,
+    tmp;
+        $scope.waiting = true;
+        // Query scheme selection:
+
+        //  - if defined above
+        //  - _updateTime must be displayed as startTime
+        //  - default to _whatToTrace scheme
+        scheme = schemes[$scope.type] ? schemes[$scope.type] : $scope.type === '_updateTime' ? schemes._startTime : schemes._whatToTrace;
+        // Build query using schemes
+        query = scheme[level]($scope.type,
+    value,
+    currentQuery);
+        // If number of session exceeds "max" and overScheme exists, call it
+        if (count > max && overScheme[$scope.type]) {
+          if (tmp = overScheme[$scope.type]($scope.type,
+    value,
+    level,
+    over,
+    currentQuery)) {
+            over++;
+            query = tmp;
+            level = level - 1;
+          } else {
+            over = 0;
+          }
+        } else {
+          over = 0;
+        }
+        // Launch HTTP query
+        $http.get(`${scriptname}sessions/${sessionType}?${query}`).then(function(response) {
+          var data,
+    i,
+    len,
+    n,
+    ref;
+          data = response.data;
+          if (data.result) {
+            ref = data.values;
+            for (i = 0, len = ref.length; i < len; i++) {
+              n = ref[i];
+              autoId++;
+              n.id = `node${autoId}`;
+              if (level < scheme.length - 1) {
+                n.nodes = [];
+                n.level = level + 1;
+                n.query = query;
+                n.over = over;
+                // Date display in tree
+                if ($scope.type.match(/^(?:start|update)Time$/)) {
+                  // 12 digits -> 12:34
+                  n.title = n.value.replace(/^(\d{8})(\d{2})(\d{2})$/,
+    // 11 digits -> 12:30
+    '$2:$3').replace(/^(\d{8})(\d{2})(\d)$/,
+    // 10 digits -> 12h
+    '$2:$30').replace(/^(\d{8})(\d{2})$/,
+    //  8 digits -> 2016-03-15
+    '$2h').replace(/^(\d{4})(\d{2})(\d{2})/,
+    '$1-$2-$3');
+                }
+              }
+              node.push(n);
+            }
+            if (value === '') {
+              $scope.total = data.total;
+            }
+          }
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+        // Highlight current selection
+        console.log("Selection",
+    sessionType);
+        $scope.navssoStyle = {
+          color: '#777'
+        };
+        $scope.offlineStyle = {
+          color: '#777'
+        };
+        $scope.persistentStyle = {
+          color: '#777'
+        };
+        if (sessionType === 'global') {
+          $scope.navssoStyle = {
+            color: '#333'
+          };
+        }
+        if (sessionType === 'offline') {
+          $scope.offlineStyle = {
+            color: '#333'
+          };
+        }
+        if (sessionType === 'persistent') {
+          return $scope.persistentStyle = {
+            color: '#333'
+          };
+        }
+      };
+      // Intialization function
+      // Simply set $scope.waiting to false during $translator and tree root
+      // initialization
+      $scope.init = function() {
+        $scope.waiting = true;
+        $scope.data = [];
+        $scope.currentScope = null;
+        $scope.currentSession = null;
+        $q.all([$translator.init($scope.lang),
+    $scope.updateTree('',
+    $scope.data,
+    0,
+    0)]).then(function() {
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+        // Colorized link
+        $scope.activeModule = "sessions";
+        return $scope.myStyle = {
+          color: '#ffb84d'
+        };
+      };
+      // Query scheme initialization
+      // Default to '_whatToTrace'
+      c = $location.path().match(/^\/(\w+)/);
+      return $scope.type = c ? c[1] : '_whatToTrace';
+    }
+  ]);
+
+}).call(this);
diff --git a/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js b/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js
new file mode 100644
index 0000000..9808bb3
--- /dev/null
+++ b/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js
@@ -0,0 +1 @@
+!function(){var g={_whatToTrace:[function(e,t){return`groupBy=substr(${e},1)`},function(e,t){return e+`=${t}*&groupBy=`+e},function(e,t){return e+"="+t}],ipAddr:[function(e,t){return`groupBy=net(${e},16,1)`},function(e,t){return t.match(/:/)||(t+="."),e+`=${t}*&groupBy=net(${e},32,2)`},function(e,t){return t.match(/:/)||(t+="."),e+`=${t}*&groupBy=net(${e},48,3)`},function(e,t){return t.match(/:/)||(t+="."),e+`=${t}*&groupBy=net(${e},128,4)`},function(e,t){return e+`=${t}&groupBy=_whatToTrace`},function(e,t,n){return n.replace(/\&groupBy.*$/,"")+"&_whatToTrace="+t}],_startTime:[function(e,t){return`groupBy=substr(${e},8)`},function(e,t){return e+`=${t}*&groupBy=substr(${e},10)`},function(e,t){return e+`=${t}*&groupBy=substr(${e},11)`},function(e,t){return e+`=${t}*&groupBy=substr(${e},12)`},function(e,t){return e+`=${t}*&groupBy=_whatToTrace`},function(e,t,n){return console.log(e),console.log(t),console.log(n),n.replace(/\&groupBy.*$/,"")+"&_whatToTrace="+t}],doubleIp:[function(e,t){return e},function(e,t){return`_whatToTrace=${t}&groupBy=ipAddr`},function(e,t,n){return n.replace(/\&groupBy.*$/,"")+"&ipAddr="+t}],_session_uid:[function(e,t){return`groupBy=substr(${e},1)`},function(e,t){return e+`=${t}*&groupBy=`+e},function(e,t){return e+"="+t}]},f={_whatToTrace:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),1===n&&t.length>o?e+`=${t}*&groupBy=substr(${e},${n+o+1})`:null},ipAddr:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),0<n&&n<4&&!t.match(/^\d+\.\d/)&&o<2?e+`=${t}*&groupBy=net(${e},${16*n+4*(o+1)},${1+n+o})`:null},_startTime:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),3<n?e+`=${t}*&groupBy=substr(${e},${10+n+o})`:null},_session_uid:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),1===n&&t.length>o?e+`=${t}*&groupBy=substr(${e},${n+o+1})`:null}},O={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti","_2f"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token","_oidc_refresh_token","_oidc_access_token_eol","_oidcConnectedRP","_oidcConnectedRPIDs"],sfaTitle:["_2fDevices"],oidcConsents:["_oidcConsents"]},i={session:[{title:"deleteSession",icon:"trash"},{title:"globalLogout",icon:"trash"}],home:[]};angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(M,t,r,e,o){var p,n,d;return M.links=links,M.menulinks=menulinks,M.staticPrefix=staticPrefix,M.scriptname=scriptname,M.formPrefix=formPrefix,M.impPrefix=impPrefix,M.sessionTTL=sessionTTL,M.availableLanguages=availableLanguages,M.waiting=!0,M.showM=!1,M.showT=!0,M.data=[],M.currentScope=null,M.currentSession=null,M.menu=i,M.translateP=t.translateP,M.translate=t.translate,M.translateTitle=function(e){return t.translateField(e,"title")},d="global",M.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(M.currentNode,M);break;case"string":M[e.action]();break;default:console.log(typeof e.action)}return M.showM=!1},M.deleteOIDCConsent=function(e,t){var i=document.querySelectorAll(".data-"+t);return M.waiting=!0,o.delete(`${scriptname}sessions/OIDCConsent/${d}/${M.currentSession.id}?rp=${e}&epoch=`+t).then(function(e){var t,n,o,r;for(M.waiting=!1,r=[],n=0,o=i.length;n<o;n++)t=i[n],r.push(t.remove());return r},function(e){return M.waiting=!1}),M.showT=!1},M.deleteSession=function(){return M.waiting=!0,o.delete(scriptname+`sessions/${d}/`+M.currentSession.id).then(function(e){return M.currentSession=null,M.currentScope.remove(),M.waiting=!1},function(e){return M.waiting=!1})},M.globalLogout=function(){return M.waiting=!0,o.post(scriptname+`sessions/glogout/${d}/`+M.currentSession.id).then(function(e){return M.currentSession=null,M.currentScope.remove(),M.waiting=!1},function(e){return M.waiting=!1})},M.stoggle=function(e){var t=e.$modelValue;return 0===t.nodes.length&&M.updateTree(t.value,t.nodes,t.level,t.over,t.query,t.count),e.toggle()},M.displaySession=function(e){var t,n=function(p){var e,t,n,o,r,i,s,l,u,a,c,d,g,f,h,_,$,m,y,T,v,w,S,b,B,D,L,P,C,A,x,k,R,I,E=function(e,t){var n,o,r,i,s,l,u=[],a=new RegExp(e),c="";for(o in p)s=p[o],o.match(a)&&s&&(c+=s+`:${o},`,delete p[o]);if(c){for((i=(c=c.replace(/,$/,"")).split(",")).sort(),i.reverse(),n=0,r=i.length;n<r;n++)l=i[n].split(":"),u.push({title:l[1],value:M.localeDate(l[0])});return L.push({title:t,nodes:u})}},H=p._utime;for(c in p)(I=p[c])?("string"==typeof p&&I.match(/; /)&&(p[c]=I.split("; ")),"object"!=typeof p[c]&&("_password".match(new RegExp("\b"+c+"\b"))?p[c]="********":c.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)?p[c]=M.localeDate(I):c.match(/^(_startTime|_updateTime)$/)&&(p[c]=M.strToLocaleDate(I)))):delete p[c];for(o in L=[],O){for(A=[],l=0,g=(n=O[o]).length;l<g;l++){if(t=n[l],p[t])if("_2fDevices"===t&&p[t]){if(0<(e=JSON.parse(p[t])).length)for(A.push({title:"type",value:"name",epoch:"date",td:"0"}),u=0,f=e.length;u<f;u++){for(c in P=e[u])I=P[c],"type"===c&&(k=I),"name"===c&&(T=I),"epoch"===c&&(s=I);A.push({title:k,value:T,epoch:s,td:"1"})}}else if(p[t].toString().match(/"rp":\s*"[\w-]+"/))for(A.push({title:"RP",value:"scope",epoch:"date",td:"0"}),a=0,h=(e=JSON.parse(p[t])).length;a<h;a++){for(c in w=e[a])I=w[c],"rp"===c&&(k=I),"scope"===c&&(T=I),"epoch"===c&&(s=I);A.push({title:k,value:T,epoch:s,td:"2"})}else p[t].toString().match(/\w+/)&&A.push({title:t,value:p[t],epoch:""});delete p[t]}0<A.length&&L.push({title:`__${o}__`,nodes:A})}if(E("^openid","OpenID"),E("^notification_(.+)","__notificationsDone__"),p._loginHistory){if(R=[],p._loginHistory.successLogin)for(y=0,_=(B=p._loginHistory.successLogin).length;y<_;y++){for(c in r="",d=B[y])I=d[c],c.match(/^(_utime|ipAddr|error)$/)||(r+=`, ${c} : `+I);(x=r.split(", ")).sort(),r=x.join(", "),R.push({t:d._utime,title:M.localeDate(d._utime),value:`Success (IP ${d.ipAddr})`+r})}if(p._loginHistory.failedLogin)for(v=0,$=(D=p._loginHistory.failedLogin).length;v<$;v++){for(c in r="",d=D[v])I=d[c],c.match(/^(_utime|ipAddr|error)$/)||(r+=`, ${c} : `+I);(x=r.split(", ")).sort(),r=x.join(", "),R.push({t:d._utime,title:M.localeDate(d._utime),value:`Error ${d.error} (IP ${d.ipAddr})`+r})}delete p._loginHistory,R.sort(function(e,t){return t.t-e.t}),L.push({title:"__loginHistory__",nodes:R})}for(c in R=[],p)I=p[c],R.push({title:c,value:I});for(R.sort(function(e,t){return e.title>t.title?1:e.title<t.title?-1:0}),b=[],C=[],S=0,m=R.length;S<m;S++)((i=R[S]).title.match(new RegExp("^"+M.impPrefix+".+$"))?(console.log(i,"-> real attribute"),b):C).push(i);return R=C.concat(b),L.push({title:"__attributesAndMacros__",nodes:R}),{_utime:H,nodes:L}};return M.currentScope=e,t=e.$modelValue.session,o.get(scriptname+`sessions/${d}/`+t).then(function(e){return M.currentSession=n(e.data),M.currentSession.id=t}),M.showT=!1},M.localeDate=function(e){return new Date(1e3*e).toLocaleString()},M.isValid=function(e,t){var n=r.path(),o=Date.now()/1e3;return console.log("Path",n),console.log("Session epoch",e),console.log("Current date",o),console.log("Session TTL",sessionTTL),n=o-e<sessionTTL||r.path().match(/^\/persistent/),"msg"===t?(console.log("Return msg"),n?"info":"warning"):"style"===t?(console.log("Return style"),n?{}:{color:"#627990","font-style":"italic"}):(console.log("Return isValid"),n)},M.strToLocaleDate=function(e){var t=e.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);return t.length?new Date(`${t[1]}-${t[2]}-${t[3]}T${t[4]}:${t[5]}:`+t[6]).toLocaleString():e},M.getLanguage=function(e){return M.lang=e,M.form="white",M.init(),M.showM=!1},M.$on("$locationChangeSuccess",function(e,t,n){t=t.match(/#!?\/(\w+)/);return d="global",null===t?M.type="_whatToTrace":t[1].match(/^(persistent|offline)$/)?(d=RegExp.$1,M.type="_session_uid"):M.type=t[1],M.init()}),p=0,M.updateTree=function(i,s,l,u,e,t){var a,c;if(M.waiting=!0,c=g[M.type]||("_updateTime"===M.type?g._startTime:g._whatToTrace),a=c[l](M.type,i,e),25<t&&f[M.type]&&(t=f[M.type](M.type,i,l,u,e))?(u++,a=t,l-=1):u=0,o.get(scriptname+`sessions/${d}?`+a).then(function(e){var t,n,o,r,e=e.data;if(e.result){for(t=0,n=(r=e.values).length;t<n;t++)o=r[t],p++,o.id="node"+p,l<c.length-1&&(o.nodes=[],o.level=l+1,o.query=a,o.over=u,M.type.match(/^(?:start|update)Time$/))&&(o.title=o.value.replace(/^(\d{8})(\d{2})(\d{2})$/,"$2:$3").replace(/^(\d{8})(\d{2})(\d)$/,"$2:$30").replace(/^(\d{8})(\d{2})$/,"$2h").replace(/^(\d{4})(\d{2})(\d{2})/,"$1-$2-$3")),s.push(o);""===i&&(M.total=e.total)}return M.waiting=!1},function(e){return M.waiting=!1}),console.log("Selection",d),M.navssoStyle={color:"#777"},M.offlineStyle={color:"#777"},M.persistentStyle={color:"#777"},"global"===d&&(M.navssoStyle={color:"#333"}),"offline"===d&&(M.offlineStyle={color:"#333"}),"persistent"===d)return M.persistentStyle={color:"#333"}},M.init=function(){return M.waiting=!0,M.data=[],M.currentScope=null,M.currentSession=null,e.all([t.init(M.lang),M.updateTree("",M.data,0,0)]).then(function(){return M.waiting=!1},function(e){return M.waiting=!1}),M.activeModule="sessions",M.myStyle={color:"#ffb84d"}},n=r.path().match(/^\/(\w+)/),M.type=n?n[1]:"_whatToTrace"}])}.call(this);
\ No newline at end of file
diff --git a/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js.map b/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js.map
new file mode 100644
index 0000000..5c2425b
--- /dev/null
+++ b/full/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js.map
@@ -0,0 +1 @@
+{"version":3,"sources":["sessions.js"],"names":["schemes","_whatToTrace","t","v","ipAddr","match","q","replace","_startTime","console","log","doubleIp","_session_uid","overScheme","level","over","length","categories","dateTitle","connectionTitle","authenticationTitle","modulesTitle","saml","groups","ldap","OpenIDConnect","sfaTitle","oidcConsents","menu","session","title","icon","home","angular","module","controller","$scope","$translator","$location","$q","$http","autoId","c","sessionType","links","menulinks","staticPrefix","scriptname","formPrefix","impPrefix","sessionTTL","availableLanguages","waiting","showM","showT","data","currentScope","currentSession","translateP","translate","translateTitle","node","translateField","menuClick","button","popup","window","open","action","currentNode","deleteOIDCConsent","rp","epoch","items","document","querySelectorAll","id","then","response","e","i","len","results","push","remove","resp","deleteSession","globalLogout","stoggle","scope","$modelValue","nodes","updateTree","value","query","count","toggle","displaySession","sessionId","transformSession","array","attr","attrs","category","cv","element","j","k","key","l","len1","len2","len3","len4","len5","m","name","o","oidcConsent","p","real","ref","ref1","res","sfDevice","spoof","subres","tab","tmp","_insert","re","vk","reg","RegExp","split","sort","reverse","localeDate","time","_utime","strToLocaleDate","JSON","parse","td","toString","_loginHistory","successLogin","join","failedLogin","error","a","b","concat","get","s","Date","toLocaleString","isValid","type","path","now","color","font-style","arrayDate","getLanguage","lang","form","init","$on","event","next","current","n","$1","currentQuery","scheme","result","values","total","navssoStyle","offlineStyle","persistentStyle","all","activeModule","myStyle","call","this"],"mappings":"AACA,CAAA,WAOE,IAOAA,EAAU,CACRC,aAAc,CAEZ,SAASC,EACTC,GACE,wBAAyBD,MAC3B,EAEA,SAASA,EACTC,GACE,OAAUD,MAAKC,cAAcD,CAC/B,EACA,SAASA,EACTC,GACE,OAAUD,EAAH,IAAQC,CACjB,GAEFC,OAAQ,CACN,SAASF,EACTC,GACE,qBAAsBD,SACxB,EACA,SAASA,EACTC,GAIE,OAHKA,EAAEE,MAAM,GAAG,IACdF,GAAQ,KAEAD,MAAKC,kBAAkBD,SACnC,EACA,SAASA,EACTC,GAIE,OAHKA,EAAEE,MAAM,GAAG,IACdF,GAAQ,KAEAD,MAAKC,kBAAkBD,SACnC,EACA,SAASA,EACTC,GAIE,OAHKA,EAAEE,MAAM,GAAG,IACdF,GAAQ,KAEAD,MAAKC,kBAAkBD,UACnC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,wBACjB,EACA,SAASD,EACTC,EACAG,GACE,OAAOA,EAAEC,QAAQ,eACnB,EAAE,EAAI,iBAAiBJ,CACvB,GAEFK,WAAY,CACV,SAASN,EACTC,GACE,wBAAyBD,MAC3B,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,qBAAqBD,OACtC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,qBAAqBD,OACtC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,qBAAqBD,OACtC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,yBACjB,EACA,SAASD,EACTC,EACAG,GAIE,OAHAG,QAAQC,IAAIR,CAAC,EACbO,QAAQC,IAAIP,CAAC,EACbM,QAAQC,IAAIJ,CAAC,EACNA,EAAEC,QAAQ,eACnB,EAAE,EAAI,iBAAiBJ,CACvB,GAEFQ,SAAU,CACR,SAAST,EACTC,GACE,OAAOD,CACT,EACA,SAASA,EACTC,GACE,sBAAuBA,kBACzB,EACA,SAASD,EACTC,EACAG,GACE,OAAOA,EAAEC,QAAQ,eACnB,EAAE,EAAI,WAAWJ,CACjB,GAEFS,aAAc,CAEZ,SAASV,EACTC,GACE,wBAAyBD,MAC3B,EAEA,SAASA,EACTC,GACE,OAAUD,MAAKC,cAAcD,CAC/B,EACA,SAASA,EACTC,GACE,OAAUD,EAAH,IAAQC,CACjB,EAEJ,EAKAU,EAAa,CACXZ,aAAc,SAASC,EAAGC,EAAGW,EAAOC,GAIlC,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EACxC,IAAVD,GAAeX,EAAEa,OAASD,EAClBb,MAAKC,qBAAqBD,KAAKY,EAAQC,EAAO,KAEjD,IAEX,EAEAX,OAAQ,SAASF,EAAGC,EAAGW,EAAOC,GAE5B,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EAC1C,EAARD,GAAaA,EAAQ,GAAK,CAACX,EAAEE,MAAM,UAAU,GAAKU,EAAO,EACjDb,MAAKC,kBAAkBD,KAAK,GAAKY,EAAQ,GAAKC,EAAO,MAAM,EAAID,EAAQC,KAE1E,IAEX,EACAP,WAAY,SAASN,EAAGC,EAAGW,EAAOC,GAEhC,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EAC1C,EAARD,EACQZ,MAAKC,qBAAqBD,KAAK,GAAKY,EAAQC,KAE/C,IAEX,EACAH,aAAc,SAASV,EAAGC,EAAGW,EAAOC,GAElC,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EACxC,IAAVD,GAAeX,EAAEa,OAASD,EAClBb,MAAKC,qBAAqBD,KAAKY,EAAQC,EAAO,KAEjD,IAEX,CACF,EAKAE,EAAa,CACXC,UAAW,CAAC,SAAU,aAAc,cAAe,kBAAmB,aACtEC,gBAAiB,CAAC,SAAU,YAAa,QACzCC,oBAAqB,CAAC,cAAe,QAAS,YAAa,uBAC3DC,aAAc,CAAC,QAAS,UAAW,cAAe,YAAa,cAAe,aAAc,eAAgB,OAC5GC,KAAM,CAAC,OAAQ,cAAe,aAAc,oBAAqB,sBACjEC,OAAQ,CAAC,SAAU,WACnBC,KAAM,CAAC,MACPC,cAAe,CAAC,iBAAkB,WAAY,qBAAsB,sBAAuB,yBAA0B,mBAAoB,uBACzIC,SAAU,CAAC,cACXC,aAAc,CAAC,gBACjB,EAGAC,EAAO,CACLC,QAAS,CACP,CACEC,MAAO,gBACPC,KAAM,OACR,EACA,CACED,MAAO,eACPC,KAAM,OACR,GAEFC,KAAM,EACR,EAEQC,QAAQC,OAAO,uBAAwB,CAAC,UAAW,eAAgB,QAAQ,EAG7EC,WAAW,uBAAwB,CACvC,SACA,cACA,YACA,KACA,QACA,SAASC,EACTC,EACAC,EACAC,EACAC,GACE,IAAIC,EACNC,EAEAC,EA2nBE,OA1nBAP,EAAOQ,MAAQA,MACfR,EAAOS,UAAYA,UACnBT,EAAOU,aAAeA,aACtBV,EAAOW,WAAaA,WACpBX,EAAOY,WAAaA,WACpBZ,EAAOa,UAAYA,UACnBb,EAAOc,WAAaA,WACpBd,EAAOe,mBAAqBA,mBAC5Bf,EAAOgB,QAAU,CAAA,EACjBhB,EAAOiB,MAAQ,CAAA,EACfjB,EAAOkB,MAAQ,CAAA,EACflB,EAAOmB,KAAO,GACdnB,EAAOoB,aAAe,KACtBpB,EAAOqB,eAAiB,KACxBrB,EAAOR,KAAOA,EAEdQ,EAAOsB,WAAarB,EAAYqB,WAChCtB,EAAOuB,UAAYtB,EAAYsB,UAC/BvB,EAAOwB,eAAiB,SAASC,GAC/B,OAAOxB,EAAYyB,eAAeD,EACtC,OAAO,CACL,EACAlB,EAAc,SAEdP,EAAO2B,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACTC,OAAOC,KAAKH,EAAOC,KAAK,OAKxB,OAHKD,EAAOI,SACVJ,EAAOI,OAASJ,EAAOlC,OAEjB,OAAOkC,EAAOI,QACpB,IAAK,WACHJ,EAAOI,OAAOhC,EAAOiC,YAC/BjC,CAAM,EACI,MACF,IAAK,SACHA,EAAO4B,EAAOI,QAAQ,EACtB,MACF,QACE3D,QAAQC,IAAI,OAAOsD,EAAOI,MAAM,CACpC,CAEF,OAAOhC,EAAOiB,MAAQ,CAAA,CACxB,EAIAjB,EAAOkC,kBAAoB,SAASC,EACtCC,GACI,IACAC,EAAQC,SAASC,iBAAiB,SAASH,CAAO,EAkBlD,OAjBApC,EAAOgB,QAAU,CAAA,EACjBZ,EAAc,UAAKO,kCAAkCJ,KAAeP,EAAOqB,eAAemB,SAASL,WAAYC,CAAO,EAAEK,KAAK,SAASC,GACpI,IAAIC,EACVC,EACAC,EACAC,EAGM,IAFA9C,EAAOgB,QAAU,CAAA,EACjB8B,EAAU,GACLF,EAAI,EAAGC,EAAMR,EAAMzD,OAAQgE,EAAIC,EAAKD,CAAC,GACxCD,EAAIN,EAAMO,GACVE,EAAQC,KAAKJ,EAAEK,OAAO,CAAC,EAEzB,OAAOF,CACT,EACJ,SAASG,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,EACMhB,EAAOkB,MAAQ,CAAA,CACxB,EAEAlB,EAAOkD,cAAgB,WAErB,OADAlD,EAAOgB,QAAU,CAAA,EACVZ,EAAc,OAAKO,uBAAsBJ,KAAeP,EAAOqB,eAAemB,EAAI,EAAEC,KAAK,SAASC,GAGvG,OAFA1C,EAAOqB,eAAiB,KACxBrB,EAAOoB,aAAa4B,OAAO,EACpBhD,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,CACH,EACAhB,EAAOmD,aAAe,WAEpB,OADAnD,EAAOgB,QAAU,CAAA,EACVZ,EAAY,KAAKO,+BAA8BJ,KAAeP,EAAOqB,eAAemB,EAAI,EAAEC,KAAK,SAASC,GAG7G,OAFA1C,EAAOqB,eAAiB,KACxBrB,EAAOoB,aAAa4B,OAAO,EACpBhD,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,CACH,EAEAhB,EAAOoD,QAAU,SAASC,GACxB,IACA5B,EAAO4B,EAAMC,YASb,OAR0B,IAAtB7B,EAAK8B,MAAM3E,QACboB,EAAOwD,WAAW/B,EAAKgC,MAC7BhC,EAAK8B,MACL9B,EAAK/C,MACL+C,EAAK9C,KACL8C,EAAKiC,MACLjC,EAAKkC,KAAK,EAECN,EAAMO,OAAO,CACtB,EAEA5D,EAAO6D,eAAiB,SAASR,GAC/B,IAAIS,EAKJC,EAAmB,SAAStE,GAC1B,IACNuE,EACAC,EACAC,EACAC,EACAC,EACAC,EACAjC,EACAQ,EACA0B,EACAC,EACAC,EACAC,EACA5B,EACA6B,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EAEAjG,EACAkG,EACAnC,EACMoC,EAAU,SAASC,EACzBpG,GACQ,IACRkD,EACA4B,EACA3B,EAEA8C,EAGAlC,EACAsC,EACQH,EAAM,GACNI,EAAM,IAAIC,OAAOH,CAAE,EACnB1B,EAAK,GACL,IAAKI,KAAO/E,EACVgE,EAAQhE,EAAQ+E,GACZA,EAAIvG,MAAM+H,CAAG,GAAKvC,IACpBW,GAASX,MAASe,KAClB,OAAO/E,EAAQ+E,IAGnB,GAAIJ,EAAI,CAMN,KAHAuB,GAFAvB,EAAKA,EAAGjG,QAAQ,KAC1B,EAAE,GACiB+H,MAAM,GAAG,GACdC,KAAK,EACTR,EAAIS,QAAQ,EACPxD,EAAI,EAAGC,EAAM8C,EAAI/G,OAAQgE,EAAIC,EAAKD,CAAC,GAEtCmD,EADMJ,EAAI/C,GACDsD,MAAM,GAAG,EAClBN,EAAI7C,KAAK,CACPrD,MAAOqG,EAAG,GACVtC,MAAOzD,EAAOqG,WAAWN,EAAG,EAAE,CAChC,CAAC,EAEH,OAAOR,EAAIxC,KAAK,CACdrD,MAAOA,EACP6D,MAAOqC,CACT,CAAC,CACH,CACF,EACAU,EAAO7G,EAAQ8G,OAEf,IAAK/B,KAAO/E,GACVgE,EAAQhE,EAAQ+E,KAIS,UAAnB,OAAO/E,GAAwBgE,EAAMxF,MAAM,IAAI,IACjDwB,EAAQ+E,GAAOf,EAAMyC,MAAM,IAAI,GAEL,UAAxB,OAAOzG,EAAQ+E,KA7PZ,YA8PgBvG,MAAM,IAAIgI,OAAO,KAAOzB,EAAM,IAAI,CAAC,EACtD/E,EAAQ+E,GAAO,WACNA,EAAIvG,MAAM,mDAAmD,EACtEwB,EAAQ+E,GAAOxE,EAAOqG,WAAW5C,CAAK,EAC7Be,EAAIvG,MAAM,4BAA4B,IAC/CwB,EAAQ+E,GAAOxE,EAAOwG,gBAAgB/C,CAAK,KAX/C,OAAOhE,EAAQ+E,GAkBnB,IAAKL,KAFLoB,EAAM,GAEW1G,EAAY,CAG3B,IADA6G,EAAS,GACJ9C,EAAI,EAAGC,GAFZqB,EAAQrF,EAAWsF,IAEKvF,OAAQgE,EAAIC,EAAKD,CAAC,GAAI,CAE5C,GADAqB,EAAOC,EAAMtB,GACTnD,EAAQwE,GACV,GAAa,eAATA,GAAyBxE,EAAQwE,IAEnC,GAAmB,GADnBD,EAAQyC,KAAKC,MAAMjH,EAAQwE,EAAK,GACtBrF,OAOR,IANA8G,EAAO3C,KAAK,CACVrD,MAAO,OACP+D,MAAO,OACPrB,MAAO,OACPuE,GAAI,GACN,CAAC,EACIrC,EAAI,EAAGI,EAAOV,EAAMpF,OAAQ0F,EAAII,EAAMJ,CAAC,GAAI,CAE9C,IAAKE,KADLgB,EAAWxB,EAAMM,GAEfb,EAAQ+B,EAAShB,GACL,SAARA,IACF9E,EAAQ+D,GAEE,SAARe,IACFQ,EAAOvB,GAEG,UAARe,IACFpC,EAAQqB,GAGZiC,EAAO3C,KAAK,CACVrD,MAAOA,EACP+D,MAAOuB,EACP5C,MAAOA,EACPuE,GAAI,GACN,CAAC,CACH,CACF,MAEK,GAAIlH,EAAQwE,GAAM2C,SAAS,EAAE3I,MAAM,kBAAkB,EAQ1D,IAPAyH,EAAO3C,KAAK,CACVrD,MAAO,KACP+D,MAAO,QACPrB,MAAO,OACPuE,GAAI,GACN,CAAC,EAEIpC,EAAI,EAAGI,GADZX,EAAQyC,KAAKC,MAAMjH,EAAQwE,EAAK,GACPrF,OAAQ2F,EAAII,EAAMJ,CAAC,GAAI,CAE9C,IAAKC,KADLU,EAAclB,EAAMO,GAElBd,EAAQyB,EAAYV,GACR,OAARA,IACF9E,EAAQ+D,GAEE,UAARe,IACFQ,EAAOvB,GAEG,UAARe,IACFpC,EAAQqB,GAGZiC,EAAO3C,KAAK,CACVrD,MAAOA,EACP+D,MAAOuB,EACP5C,MAAOA,EACPuE,GAAI,GACN,CAAC,CACH,MAESlH,EAAQwE,GAAM2C,SAAS,EAAE3I,MAAM,KAAK,GAC7CyH,EAAO3C,KAAK,CACVrD,MAAOuE,EACPR,MAAOhE,EAAQwE,GACf7B,MAAO,EACT,CAAC,EAMH,OAAO3C,EAAQwE,EAEnB,CACoB,EAAhByB,EAAO9G,QACT2G,EAAIxC,KAAK,CACPrD,WAAYyE,MACZZ,MAAOmC,CACT,CAAC,CAEL,CAOA,GALAG,EAAQ,UACd,QAAQ,EACFA,EAAQ,qBACd,uBAAuB,EAEbpG,EAAQoH,cAAe,CAEzB,GADAjB,EAAM,GACFnG,EAAQoH,cAAcC,aAExB,IAAK/B,EAAI,EAAGH,GADZS,EAAM5F,EAAQoH,cAAcC,cACLlI,OAAQmG,EAAIH,EAAMG,CAAC,GAAI,CAI5C,IAAKP,KADLJ,EAAK,GAFLK,EAAIY,EAAIN,GAINtB,EAAQgB,EAAED,GACLA,EAAIvG,MAAM,yBAAyB,IACtCmG,QAAWI,OAASf,IAGxBkC,EAAMvB,EAAG8B,MAAM,IAAI,GACfC,KAAK,EACT/B,EAAKuB,EAAIoB,KAAK,IAAI,EAClBnB,EAAI7C,KAAK,CACPjF,EAAG2G,EAAE8B,OACL7G,MAAOM,EAAOqG,WAAW5B,EAAE8B,MAAM,EACjC9C,qBAAsBgB,EAAEzG,UAAYoG,CACtC,CAAC,CACH,CAEF,GAAI3E,EAAQoH,cAAcG,YAExB,IAAK/B,EAAI,EAAGJ,GADZS,EAAO7F,EAAQoH,cAAcG,aACLpI,OAAQqG,EAAIJ,EAAMI,CAAC,GAAI,CAI7C,IAAKT,KADLJ,EAAK,GAFLK,EAAIa,EAAKL,GAIPxB,EAAQgB,EAAED,GACLA,EAAIvG,MAAM,yBAAyB,IACtCmG,QAAWI,OAASf,IAGxBkC,EAAMvB,EAAG8B,MAAM,IAAI,GACfC,KAAK,EACT/B,EAAKuB,EAAIoB,KAAK,IAAI,EAClBnB,EAAI7C,KAAK,CACPjF,EAAG2G,EAAE8B,OACL7G,MAAOM,EAAOqG,WAAW5B,EAAE8B,MAAM,EACjC9C,eAAgBgB,EAAEwC,aAAaxC,EAAEzG,UAAYoG,CAC/C,CAAC,CACH,CAEF,OAAO3E,EAAQoH,cACfjB,EAAIO,KAAK,SAASe,EAC1BC,GACU,OAAOA,EAAErJ,EAAIoJ,EAAEpJ,CACjB,CAAC,EACDyH,EAAIxC,KAAK,CACPrD,MAAO,mBACP6D,MAAOqC,CACT,CAAC,CACH,CAGA,IAAKpB,KADLoB,EAAM,GACMnG,EACVgE,EAAQhE,EAAQ+E,GAChBoB,EAAI7C,KAAK,CACPrD,MAAO8E,EACPf,MAAOA,CACT,CAAC,EAeH,IAbAmC,EAAIO,KAAK,SAASe,EACxBC,GACQ,OAAID,EAAExH,MAAQyH,EAAEzH,MACP,EACEwH,EAAExH,MAAQyH,EAAEzH,MACd,CAAC,EAED,CAEX,CAAC,EAED0F,EAAO,GACPK,EAAQ,GACHN,EAAI,EAAGL,EAAOc,EAAIhH,OAAQuG,EAAIL,EAAMK,CAAC,KACxCd,EAAUuB,EAAIT,IACFzF,MAAMzB,MAAM,IAAIgI,OAAO,IAAMjG,EAAOa,UAAY,KAAK,CAAC,GAChExC,QAAQC,IAAI+F,EACtB,mBAAmB,EACTe,GAGAK,GAHK1C,KAAKsB,CAAO,EAWrB,OALAuB,EAAMH,EAAM2B,OAAOhC,CAAI,EACvBG,EAAIxC,KAAK,CACPrD,MAAO,0BACP6D,MAAOqC,CACT,CAAC,EACM,CACLW,OAAQD,EACR/C,MAAOgC,CACT,CACF,EAOA,OANAvF,EAAOoB,aAAeiC,EACtBS,EAAYT,EAAMC,YAAY7D,QAC9BW,EAAMiH,IAAO1G,uBAAsBJ,KAAeuD,CAAW,EAAErB,KAAK,SAASC,GAE3E,OADA1C,EAAOqB,eAAiB0C,EAAiBrB,EAASvB,IAAI,EAC/CnB,EAAOqB,eAAemB,GAAKsB,CACpC,CAAC,EACM9D,EAAOkB,MAAQ,CAAA,CACxB,EACAlB,EAAOqG,WAAa,SAASiB,GAG3B,OADI,IAAIC,KAAS,IAAJD,CAAQ,EACZE,eAAe,CAC1B,EACAxH,EAAOyH,QAAU,SAASrF,EAC5BsF,GACI,IAGAC,EAAOzH,EAAUyH,KAAK,EACtBC,EAAML,KAAKK,IAAI,EAAI,IAUnB,OATAvJ,QAAQC,IAAI,OAChBqJ,CAAI,EACAtJ,QAAQC,IAAI,gBAChB8D,CAAK,EACD/D,QAAQC,IAAI,eAChBsJ,CAAG,EACCvJ,QAAQC,IAAI,cAChBwC,UAAU,EACN2G,EAAUG,EAAMxF,EAAQtB,YAAcZ,EAAUyH,KAAK,EAAE1J,MAAM,eAAe,EAC/D,QAATyJ,GACFrJ,QAAQC,IAAI,YAAY,EACpBmJ,EACK,OAEA,WAES,UAATC,GACTrJ,QAAQC,IAAI,cAAc,EACtBmJ,EACK,GAEA,CACLI,MAAS,UACTC,aAAc,QAChB,IAGFzJ,QAAQC,IAAI,gBAAgB,EACrBmJ,EAEX,EACAzH,EAAOwG,gBAAkB,SAASc,GAChC,IAEAS,EAAYT,EAAErJ,MAAM,8CAA8C,EAClE,OAAK8J,EAAUnJ,OAGX,IAAI2I,QAAQQ,EAAU,MAAMA,EAAU,MAAMA,EAAU,MAAMA,EAAU,MAAMA,EAAU,MAAMA,EAAU,EAAI,EACrGP,eAAe,EAHfF,CAIX,EAEAtH,EAAOgI,YAAc,SAASC,GAI5B,OAHAjI,EAAOiI,KAAOA,EACdjI,EAAOkI,KAAO,QACdlI,EAAOmI,KAAK,EACLnI,EAAOiB,MAAQ,CAAA,CACxB,EAkBAjB,EAAOoI,IAAI,yBAhBC,SAASC,EACvBC,EACAC,GAEIC,EAAIF,EAAKrK,MAAM,YAAY,EAU3B,OATAsC,EAAc,SACJ,OAANiI,EACFxI,EAAO0H,KAAO,eACLc,EAAE,GAAGvK,MAAM,wBAAwB,GAC5CsC,EAAc0F,OAAOwC,GACrBzI,EAAO0H,KAAO,gBAEd1H,EAAO0H,KAAOc,EAAE,GAEXxI,EAAOmI,KAAK,CACrB,CAEO,EAEP9H,EAAS,EACTL,EAAOwD,WAAa,SAASC,EAC/BhC,EACA/C,EACAC,EACA+J,EACA/E,GACI,IAAID,EACRiF,EA8FI,GA5FA3I,EAAOgB,QAAU,CAAA,EAMjB2H,EAAS/K,EAAQoC,EAAO0H,QAA+C,gBAAhB1H,EAAO0H,KAAyB9J,EAAQQ,WAAaR,EAAQC,cAEpH6F,EAAQiF,EAAOjK,GAAOsB,EAAO0H,KACjCjE,EACAiF,CAAY,EA5tBR,GA8tBI/E,GAAelF,EAAWuB,EAAO0H,QAC/B9B,EAAMnH,EAAWuB,EAAO0H,MAAM1H,EAAO0H,KAC/CjE,EACA/E,EACAC,EACA+J,CAAY,IACJ/J,CAAI,GACJ+E,EAAQkC,EACRlH,GAAgB,GAKlBC,EAAO,EAGTyB,EAAMiH,IAAO1G,uBAAsBJ,KAAemD,CAAO,EAAEjB,KAAK,SAASC,GACvE,IACNE,EACAC,EACA2F,EACAnD,EACMlE,EAAOuB,EAASvB,KAChB,GAAIA,EAAKyH,OAAQ,CAEf,IAAKhG,EAAI,EAAGC,GADZwC,EAAMlE,EAAK0H,QACWjK,OAAQgE,EAAIC,EAAKD,CAAC,GACtC4F,EAAInD,EAAIzC,GACRvC,CAAM,GACNmI,EAAEhG,GAAK,OAAOnC,EACV3B,EAAQiK,EAAO/J,OAAS,IAC1B4J,EAAEjF,MAAQ,GACViF,EAAE9J,MAAQA,EAAQ,EAClB8J,EAAE9E,MAAQA,EACV8E,EAAE7J,KAAOA,EAELqB,EAAO0H,KAAKzJ,MAAM,wBAAwB,KAE5CuK,EAAE9I,MAAQ8I,EAAE/E,MAAMtF,QAAQ,0BAExC,OAAO,EAAEA,QAAQ,uBAEjB,QAAQ,EAAEA,QAAQ,mBAElB,KAAK,EAAEA,QAAQ,yBACf,UAAU,GAGAsD,EAAKsB,KAAKyF,CAAC,EAEC,KAAV/E,IACFzD,EAAO8I,MAAQ3H,EAAK2H,MAExB,CACA,OAAO9I,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,EAED3C,QAAQC,IAAI,YAChBiC,CAAW,EACPP,EAAO+I,YAAc,CACnBlB,MAAO,MACT,EACA7H,EAAOgJ,aAAe,CACpBnB,MAAO,MACT,EACA7H,EAAOiJ,gBAAkB,CACvBpB,MAAO,MACT,EACoB,WAAhBtH,IACFP,EAAO+I,YAAc,CACnBlB,MAAO,MACT,GAEkB,YAAhBtH,IACFP,EAAOgJ,aAAe,CACpBnB,MAAO,MACT,GAEkB,eAAhBtH,EACF,OAAOP,EAAOiJ,gBAAkB,CAC9BpB,MAAO,MACT,CAEJ,EAIA7H,EAAOmI,KAAO,WAiBZ,OAhBAnI,EAAOgB,QAAU,CAAA,EACjBhB,EAAOmB,KAAO,GACdnB,EAAOoB,aAAe,KACtBpB,EAAOqB,eAAiB,KACxBlB,EAAG+I,IAAI,CAACjJ,EAAYkI,KAAKnI,EAAOiI,IAAI,EACxCjI,EAAOwD,WAAW,GAClBxD,EAAOmB,KACP,EACA,CAAC,EAAE,EAAEsB,KAAK,WACJ,OAAOzC,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,EAEDhB,EAAOmJ,aAAe,WACfnJ,EAAOoJ,QAAU,CACtBvB,MAAO,SACT,CACF,EAGAvH,EAAIJ,EAAUyH,KAAK,EAAE1J,MAAM,UAAU,EAC9B+B,EAAO0H,KAAOpH,EAAIA,EAAE,GAAK,cAClC,EACD,CAEF,EAAE+I,KAAKC,IAAI"}
\ No newline at end of file
diff --git a/manager/Dockerfile b/manager/Dockerfile
index 86e1925..0167fc9 100644
--- a/manager/Dockerfile
+++ b/manager/Dockerfile
@@ -31,6 +31,7 @@ RUN \
     echo patch ignorepollers.patch && patch -p1 < ignorepollers.patch && \
     echo patch fixedLogout.patch && patch -p1 < fixedLogout.patch && \
     echo patch matrix-token-exchange.patch && patch -p1 < matrix-token-exchange.patch && \
+    echo patch globalLogout.patch && patch -p1 < globalLogout.patch && \
     rm -f *.patch && \
     LLNG_DEFAULTCONFFILE=/etc/lemonldap-ng/lemonldap-ng.ini \
     perl -MLemonldap::NG::Manager::Build -e 'Lemonldap::NG::Manager::Build->run( \
diff --git a/manager/globalLogout.patch b/manager/globalLogout.patch
new file mode 100644
index 0000000..7437112
--- /dev/null
+++ b/manager/globalLogout.patch
@@ -0,0 +1,77 @@
+diff --git a/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm b/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm
+index edf6a5f19..89c7571d2 100644
+--- a/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm
++++ b/usr/share/perl5/Lemonldap/NG/Manager/Sessions.pm
+@@ -40,6 +40,13 @@ sub init {
+         ['DELETE']
+       )
+ 
++      # DELETE ALL SESSIONS FOR A USER
++      ->addRoute(
++        sessions =>
++          { glogout => { ':sessionType' => { ':sessionId' => 'userLogout' } } },
++        ['POST']
++      )
++
+       # DELETE OIDC CONSENT
+       ->addRoute(
+         sessions => {
+@@ -60,6 +67,58 @@ sub init {
+     return 1;
+ }
+ 
++#
++# User logout
++#
++
++sub userLogout {
++    my ( $self, $req ) = @_;
++
++    my $mod = $self->getMod($req)
++      or return $self->sendError( $req, undef, 400 );
++    my $id = $req->params('sessionId')
++      or return $self->sendError( $req, 'sessionId is missing', 400 );
++    my $session = $self->getApacheSession( $mod, $id );
++
++    my $uidKey = Lemonldap::NG::Handler::Main->tsv->{whatToTrace};
++    my $uid    = $session->data->{$uidKey};
++
++    my $count = 0;
++    foreach my $storage (qw(oidcStorage sessionStorage)) {
++        my $storageModule =
++          Lemonldap::NG::Handler::Main->tsv->{"${storage}Module"};
++        if ( defined $storageModule ) {
++            next if ( $storageModule eq "Apache::Session::Memcached" );
++            my $opts = Lemonldap::NG::Handler::Main->tsv->{"${storage}Options"};
++            $opts->{backend} = $storageModule;
++            my $sessions =
++              Lemonldap::NG::Common::Apache::Session->searchOn( $opts, $uidKey,
++                $uid );
++            my @keys;
++            if ( $sessions and %$sessions ) {
++                @keys = keys %$sessions;
++                foreach my $sid (@keys) {
++                    my $session = Lemonldap::NG::Common::Session->new(
++                        storageModule        => $storageModule,
++                        storageModuleOptions => $opts,
++                        cacheModule => Lemonldap::NG::Handler::Main->tsv
++                          ->{sessionCacheModule},
++                        cacheModuleOptions => Lemonldap::NG::Handler::Main->tsv
++                          ->{sessionCacheOptions},
++                        id => $sid,
++                    );
++                    if ( $session->data ) {
++                        $session->remove;
++                        $count++;
++                    }
++                }
++            }
++        }
++    }
++    Lemonldap::NG::Handler::PSGI::Main->localUnlog( $req, $id );
++    return $self->sendJSONresponse( $req, { result => 1, count => $count } );
++}
++
+ #######################
+ # II. CONSENT METHODS #
+ #######################
diff --git a/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.js b/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.js
new file mode 100644
index 0000000..7cb8cb9
--- /dev/null
+++ b/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.js
@@ -0,0 +1,863 @@
+// Generated by CoffeeScript 2.7.0
+(function() {
+  /*
+   * Sessions explorer
+   */
+  /*
+   * AngularJS application
+   */
+  var categories, hiddenAttributes, llapp, max, menu, overScheme, schemes;
+
+  // Max number of session to display (see overScheme)
+  max = 25;
+
+  // Queries to do each type of display: each array item corresponds to the depth
+  // of opened nodes in the tree
+  schemes = {
+    _whatToTrace: [
+      // First level: display 1 letter
+      function(t,
+      v) {
+        return `groupBy=substr(${t},1)`;
+      },
+      // Second level (if no overScheme), display usernames
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=${t}`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}`;
+      }
+    ],
+    ipAddr: [
+      function(t,
+      v) {
+        return `groupBy=net(${t},16,1)`;
+      },
+      function(t,
+      v) {
+        if (!v.match(/:/)) {
+          v = v + '.';
+        }
+        return `${t}=${v}*&groupBy=net(${t},32,2)`;
+      },
+      function(t,
+      v) {
+        if (!v.match(/:/)) {
+          v = v + '.';
+        }
+        return `${t}=${v}*&groupBy=net(${t},48,3)`;
+      },
+      function(t,
+      v) {
+        if (!v.match(/:/)) {
+          v = v + '.';
+        }
+        return `${t}=${v}*&groupBy=net(${t},128,4)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}&groupBy=_whatToTrace`;
+      },
+      function(t,
+      v,
+      q) {
+        return q.replace(/\&groupBy.*$/,
+      '') + `&_whatToTrace=${v}`;
+      }
+    ],
+    _startTime: [
+      function(t,
+      v) {
+        return `groupBy=substr(${t},8)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=substr(${t},10)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=substr(${t},11)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=substr(${t},12)`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=_whatToTrace`;
+      },
+      function(t,
+      v,
+      q) {
+        console.log(t);
+        console.log(v);
+        console.log(q);
+        return q.replace(/\&groupBy.*$/,
+      '') + `&_whatToTrace=${v}`;
+      }
+    ],
+    doubleIp: [
+      function(t,
+      v) {
+        return t;
+      },
+      function(t,
+      v) {
+        return `_whatToTrace=${v}&groupBy=ipAddr`;
+      },
+      function(t,
+      v,
+      q) {
+        return q.replace(/\&groupBy.*$/,
+      '') + `&ipAddr=${v}`;
+      }
+    ],
+    _session_uid: [
+      // First level: display 1 letter
+      function(t,
+      v) {
+        return `groupBy=substr(${t},1)`;
+      },
+      // Second level (if no overScheme), display usernames
+      function(t,
+      v) {
+        return `${t}=${v}*&groupBy=${t}`;
+      },
+      function(t,
+      v) {
+        return `${t}=${v}`;
+      }
+    ]
+  };
+
+  // When number of children nodes exceeds "max" value and if "overScheme.<type>"
+  // is available and does not return "null", a level is added. See
+  // "$scope.updateTree" method
+  overScheme = {
+    _whatToTrace: function(t, v, level, over) {
+      // "v.length > over" avoids a loop if one user opened more than "max"
+      // sessions
+      console.log('overScheme => level', level, 'over', over);
+      if (level === 1 && v.length > over) {
+        return `${t}=${v}*&groupBy=substr(${t},${level + over + 1})`;
+      } else {
+        return null;
+      }
+    },
+    // Note: IPv4 only
+    ipAddr: function(t, v, level, over) {
+      console.log('overScheme => level', level, 'over', over);
+      if (level > 0 && level < 4 && !v.match(/^\d+\.\d/) && over < 2) {
+        return `${t}=${v}*&groupBy=net(${t},${16 * level + 4 * (over + 1)},${1 + level + over})`;
+      } else {
+        return null;
+      }
+    },
+    _startTime: function(t, v, level, over) {
+      console.log('overScheme => level', level, 'over', over);
+      if (level > 3) {
+        return `${t}=${v}*&groupBy=substr(${t},${10 + level + over})`;
+      } else {
+        return null;
+      }
+    },
+    _session_uid: function(t, v, level, over) {
+      console.log('overScheme => level', level, 'over', over);
+      if (level === 1 && v.length > over) {
+        return `${t}=${v}*&groupBy=substr(${t},${level + over + 1})`;
+      } else {
+        return null;
+      }
+    }
+  };
+
+  hiddenAttributes = '_password';
+
+  // Attributes to group in session display
+  categories = {
+    dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen'],
+    connectionTitle: ['ipAddr', '_timezone', '_url'],
+    authenticationTitle: ['_session_id', '_user', '_password', 'authenticationLevel'],
+    modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti', '_2f'],
+    saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump'],
+    groups: ['groups', 'hGroups'],
+    ldap: ['dn'],
+    OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token', '_oidc_refresh_token', '_oidc_access_token_eol', '_oidcConnectedRP', '_oidcConnectedRPIDs'],
+    sfaTitle: ['_2fDevices'],
+    oidcConsents: ['_oidcConsents']
+  };
+
+  // Menu entries
+  menu = {
+    session: [
+      {
+        title: 'deleteSession',
+        icon: 'trash'
+      },
+      {
+        title: 'globalLogout',
+        icon: 'trash'
+      }
+    ],
+    home: []
+  };
+
+  llapp = angular.module('llngSessionsExplorer', ['ui.tree', 'ui.bootstrap', 'llApp']);
+
+  // Main controller
+  llapp.controller('SessionsExplorerCtrl', [
+    '$scope',
+    '$translator',
+    '$location',
+    '$q',
+    '$http',
+    function($scope,
+    $translator,
+    $location,
+    $q,
+    $http) {
+      var autoId,
+    c,
+    pathEvent,
+    sessionType;
+      $scope.links = links;
+      $scope.menulinks = menulinks;
+      $scope.staticPrefix = staticPrefix;
+      $scope.scriptname = scriptname;
+      $scope.formPrefix = formPrefix;
+      $scope.impPrefix = impPrefix;
+      $scope.sessionTTL = sessionTTL;
+      $scope.availableLanguages = availableLanguages;
+      $scope.waiting = true;
+      $scope.showM = false;
+      $scope.showT = true;
+      $scope.data = [];
+      $scope.currentScope = null;
+      $scope.currentSession = null;
+      $scope.menu = menu;
+      // Import translations functions
+      $scope.translateP = $translator.translateP;
+      $scope.translate = $translator.translate;
+      $scope.translateTitle = function(node) {
+        return $translator.translateField(node,
+    'title');
+      };
+      sessionType = 'global';
+      // Handle menu items
+      $scope.menuClick = function(button) {
+        if (button.popup) {
+          window.open(button.popup);
+        } else {
+          if (!button.action) {
+            button.action = button.title;
+          }
+          switch (typeof button.action) {
+            case 'function':
+              button.action($scope.currentNode,
+    $scope);
+              break;
+            case 'string':
+              $scope[button.action]();
+              break;
+            default:
+              console.log(typeof button.action);
+          }
+        }
+        return $scope.showM = false;
+      };
+      // SESSION MANAGEMENT
+
+      // Delete RP Consent
+      $scope.deleteOIDCConsent = function(rp,
+    epoch) {
+        var items;
+        items = document.querySelectorAll(`.data-${epoch}`);
+        $scope.waiting = true;
+        $http['delete'](`${scriptname}sessions/OIDCConsent/${sessionType}/${$scope.currentSession.id}?rp=${rp}&epoch=${epoch}`).then(function(response) {
+          var e,
+    i,
+    len,
+    results;
+          $scope.waiting = false;
+          results = [];
+          for (i = 0, len = items.length; i < len; i++) {
+            e = items[i];
+            results.push(e.remove());
+          }
+          return results;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+        return $scope.showT = false;
+      };
+      // Delete
+      $scope.deleteSession = function() {
+        $scope.waiting = true;
+        return $http['delete'](`${scriptname}sessions/${sessionType}/${$scope.currentSession.id}`).then(function(response) {
+          $scope.currentSession = null;
+          $scope.currentScope.remove();
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+      };
+      $scope.globalLogout = function() {
+        $scope.waiting = true;
+        return $http['post'](`${scriptname}sessions/glogout/${sessionType}/${$scope.currentSession.id}`).then(function(response) {
+          $scope.currentSession = null;
+          $scope.currentScope.remove();
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+      };
+      // Open node
+      $scope.stoggle = function(scope) {
+        var node;
+        node = scope.$modelValue;
+        if (node.nodes.length === 0) {
+          $scope.updateTree(node.value,
+    node.nodes,
+    node.level,
+    node.over,
+    node.query,
+    node.count);
+        }
+        return scope.toggle();
+      };
+      // Display selected session
+      $scope.displaySession = function(scope) {
+        var sessionId,
+    transformSession;
+        // Private functions
+
+        // Session preparation
+        transformSession = function(session) {
+          var _insert,
+    array,
+    attr,
+    attrs,
+    category,
+    cv,
+    element,
+    epoch,
+    i,
+    j,
+    k,
+    key,
+    l,
+    len,
+    len1,
+    len2,
+    len3,
+    len4,
+    len5,
+    m,
+    name,
+    o,
+    oidcConsent,
+    p,
+    real,
+    ref,
+    ref1,
+    res,
+    sfDevice,
+    spoof,
+    subres,
+    tab,
+    time,
+    title,
+    tmp,
+    value;
+          _insert = function(re,
+    title) {
+            var cv,
+    i,
+    key,
+    len,
+    reg,
+    tab,
+    tmp,
+    val,
+    value,
+    vk;
+            tmp = [];
+            reg = new RegExp(re);
+            cv = "";
+            for (key in session) {
+              value = session[key];
+              if (key.match(reg) && value) {
+                cv += `${value}:${key},`;
+                delete session[key];
+              }
+            }
+            if (cv) {
+              cv = cv.replace(/,$/,
+    '');
+              tab = cv.split(',');
+              tab.sort();
+              tab.reverse();
+              for (i = 0, len = tab.length; i < len; i++) {
+                val = tab[i];
+                vk = val.split(':');
+                tmp.push({
+                  title: vk[1],
+                  value: $scope.localeDate(vk[0])
+                });
+              }
+              return res.push({
+                title: title,
+                nodes: tmp
+              });
+            }
+          };
+          time = session._utime;
+// 1. Replace values if needed
+          for (key in session) {
+            value = session[key];
+            if (!value) {
+              delete session[key];
+            } else {
+              if (typeof session === 'string' && value.match(/; /)) {
+                session[key] = value.split('; ');
+              }
+              if (typeof session[key] !== 'object') {
+                if (hiddenAttributes.match(new RegExp('\b' + key + '\b'))) {
+                  session[key] = '********';
+                } else if (key.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)) {
+                  session[key] = $scope.localeDate(value);
+                } else if (key.match(/^(_startTime|_updateTime)$/)) {
+                  session[key] = $scope.strToLocaleDate(value);
+                }
+              }
+            }
+          }
+          res = [];
+// 2. Push session keys in result, grouped by categories
+          for (category in categories) {
+            attrs = categories[category];
+            subres = [];
+            for (i = 0, len = attrs.length; i < len; i++) {
+              attr = attrs[i];
+              if (session[attr]) {
+                if (attr === "_2fDevices" && session[attr]) {
+                  array = JSON.parse(session[attr]);
+                  if (array.length > 0) {
+                    subres.push({
+                      title: "type",
+                      value: "name",
+                      epoch: "date",
+                      td: "0"
+                    });
+                    for (j = 0, len1 = array.length; j < len1; j++) {
+                      sfDevice = array[j];
+                      for (key in sfDevice) {
+                        value = sfDevice[key];
+                        if (key === 'type') {
+                          title = value;
+                        }
+                        if (key === 'name') {
+                          name = value;
+                        }
+                        if (key === 'epoch') {
+                          epoch = value;
+                        }
+                      }
+                      subres.push({
+                        title: title,
+                        value: name,
+                        epoch: epoch,
+                        td: "1"
+                      });
+                    }
+                  }
+                  delete session[attr];
+                } else if (session[attr].toString().match(/"rp":\s*"[\w-]+"/)) {
+                  subres.push({
+                    title: "RP",
+                    value: "scope",
+                    epoch: "date",
+                    td: "0"
+                  });
+                  array = JSON.parse(session[attr]);
+                  for (k = 0, len2 = array.length; k < len2; k++) {
+                    oidcConsent = array[k];
+                    for (key in oidcConsent) {
+                      value = oidcConsent[key];
+                      if (key === 'rp') {
+                        title = value;
+                      }
+                      if (key === 'scope') {
+                        name = value;
+                      }
+                      if (key === 'epoch') {
+                        epoch = value;
+                      }
+                    }
+                    subres.push({
+                      title: title,
+                      value: name,
+                      epoch: epoch,
+                      td: "2"
+                    });
+                  }
+                  delete session[attr];
+                } else if (session[attr].toString().match(/\w+/)) {
+                  subres.push({
+                    title: attr,
+                    value: session[attr],
+                    epoch: ''
+                  });
+                  delete session[attr];
+                } else {
+                  delete session[attr];
+                }
+              } else {
+                delete session[attr];
+              }
+            }
+            if (subres.length > 0) {
+              res.push({
+                title: `__${category}__`,
+                nodes: subres
+              });
+            }
+          }
+          // 3. Add OpenID and notifications already notified
+          _insert('^openid',
+    'OpenID');
+          _insert('^notification_(.+)',
+    '__notificationsDone__');
+          // 4. Add session history if exists
+          if (session._loginHistory) {
+            tmp = [];
+            if (session._loginHistory.successLogin) {
+              ref = session._loginHistory.successLogin;
+              for (m = 0, len3 = ref.length; m < len3; m++) {
+                l = ref[m];
+                // History custom values
+                cv = "";
+                for (key in l) {
+                  value = l[key];
+                  if (!key.match(/^(_utime|ipAddr|error)$/)) {
+                    cv += `, ${key} : ${value}`;
+                  }
+                }
+                tab = cv.split(', ');
+                tab.sort();
+                cv = tab.join(', ');
+                tmp.push({
+                  t: l._utime,
+                  title: $scope.localeDate(l._utime),
+                  value: `Success (IP ${l.ipAddr})` + cv
+                });
+              }
+            }
+            if (session._loginHistory.failedLogin) {
+              ref1 = session._loginHistory.failedLogin;
+              for (o = 0, len4 = ref1.length; o < len4; o++) {
+                l = ref1[o];
+                // History custom values
+                cv = "";
+                for (key in l) {
+                  value = l[key];
+                  if (!key.match(/^(_utime|ipAddr|error)$/)) {
+                    cv += `, ${key} : ${value}`;
+                  }
+                }
+                tab = cv.split(', ');
+                tab.sort();
+                cv = tab.join(', ');
+                tmp.push({
+                  t: l._utime,
+                  title: $scope.localeDate(l._utime),
+                  value: `Error ${l.error} (IP ${l.ipAddr})` + cv
+                });
+              }
+            }
+            delete session._loginHistory;
+            tmp.sort(function(a,
+    b) {
+              return b.t - a.t;
+            });
+            res.push({
+              title: '__loginHistory__',
+              nodes: tmp
+            });
+          }
+          // 5. Other keys (attributes and macros)
+          tmp = [];
+          for (key in session) {
+            value = session[key];
+            tmp.push({
+              title: key,
+              value: value
+            });
+          }
+          tmp.sort(function(a,
+    b) {
+            if (a.title > b.title) {
+              return 1;
+            } else if (a.title < b.title) {
+              return -1;
+            } else {
+              return 0;
+            }
+          });
+          // Sort by real and spoofed attributes
+          real = [];
+          spoof = [];
+          for (p = 0, len5 = tmp.length; p < len5; p++) {
+            element = tmp[p];
+            if (element.title.match(new RegExp('^' + $scope.impPrefix + '.+$'))) {
+              console.log(element,
+    '-> real attribute');
+              real.push(element);
+            } else {
+              //console.log element, '-> spoofed attribute'
+              spoof.push(element);
+            }
+          }
+          tmp = spoof.concat(real);
+          res.push({
+            title: '__attributesAndMacros__',
+            nodes: tmp
+          });
+          return {
+            _utime: time,
+            nodes: res
+          };
+        };
+        $scope.currentScope = scope;
+        sessionId = scope.$modelValue.session;
+        $http.get(`${scriptname}sessions/${sessionType}/${sessionId}`).then(function(response) {
+          $scope.currentSession = transformSession(response.data);
+          return $scope.currentSession.id = sessionId;
+        });
+        return $scope.showT = false;
+      };
+      $scope.localeDate = function(s) {
+        var d;
+        d = new Date(s * 1000);
+        return d.toLocaleString();
+      };
+      $scope.isValid = function(epoch,
+    type) {
+        var isValid,
+    now,
+    path;
+        path = $location.path();
+        now = Date.now() / 1000;
+        console.log("Path",
+    path);
+        console.log("Session epoch",
+    epoch);
+        console.log("Current date",
+    now);
+        console.log("Session TTL",
+    sessionTTL);
+        isValid = now - epoch < sessionTTL || $location.path().match(/^\/persistent/);
+        if (type === 'msg') {
+          console.log("Return msg");
+          if (isValid) {
+            return "info";
+          } else {
+            return "warning";
+          }
+        } else if (type === 'style') {
+          console.log("Return style");
+          if (isValid) {
+            return {};
+          } else {
+            return {
+              'color': '#627990',
+              'font-style': 'italic'
+            };
+          }
+        } else {
+          console.log("Return isValid");
+          return isValid;
+        }
+      };
+      $scope.strToLocaleDate = function(s) {
+        var arrayDate,
+    d;
+        arrayDate = s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);
+        if (!arrayDate.length) {
+          return s;
+        }
+        d = new Date(`${arrayDate[1]}-${arrayDate[2]}-${arrayDate[3]}T${arrayDate[4]}:${arrayDate[5]}:${arrayDate[6]}`);
+        return d.toLocaleString();
+      };
+      // Function to change interface language
+      $scope.getLanguage = function(lang) {
+        $scope.lang = lang;
+        $scope.form = 'white';
+        $scope.init();
+        return $scope.showM = false;
+      };
+      // URI local path management
+      pathEvent = function(event,
+    next,
+    current) {
+        var n;
+        n = next.match(/#!?\/(\w+)/);
+        sessionType = 'global';
+        if (n === null) {
+          $scope.type = '_whatToTrace';
+        } else if (n[1].match(/^(persistent|offline)$/)) {
+          sessionType = RegExp.$1;
+          $scope.type = '_session_uid';
+        } else {
+          $scope.type = n[1];
+        }
+        return $scope.init();
+      };
+      $scope.$on('$locationChangeSuccess',
+    pathEvent);
+      // Function to update tree: download value of opened subkey
+      autoId = 0;
+      $scope.updateTree = function(value,
+    node,
+    level,
+    over,
+    currentQuery,
+    count) {
+        var query,
+    scheme,
+    tmp;
+        $scope.waiting = true;
+        // Query scheme selection:
+
+        //  - if defined above
+        //  - _updateTime must be displayed as startTime
+        //  - default to _whatToTrace scheme
+        scheme = schemes[$scope.type] ? schemes[$scope.type] : $scope.type === '_updateTime' ? schemes._startTime : schemes._whatToTrace;
+        // Build query using schemes
+        query = scheme[level]($scope.type,
+    value,
+    currentQuery);
+        // If number of session exceeds "max" and overScheme exists, call it
+        if (count > max && overScheme[$scope.type]) {
+          if (tmp = overScheme[$scope.type]($scope.type,
+    value,
+    level,
+    over,
+    currentQuery)) {
+            over++;
+            query = tmp;
+            level = level - 1;
+          } else {
+            over = 0;
+          }
+        } else {
+          over = 0;
+        }
+        // Launch HTTP query
+        $http.get(`${scriptname}sessions/${sessionType}?${query}`).then(function(response) {
+          var data,
+    i,
+    len,
+    n,
+    ref;
+          data = response.data;
+          if (data.result) {
+            ref = data.values;
+            for (i = 0, len = ref.length; i < len; i++) {
+              n = ref[i];
+              autoId++;
+              n.id = `node${autoId}`;
+              if (level < scheme.length - 1) {
+                n.nodes = [];
+                n.level = level + 1;
+                n.query = query;
+                n.over = over;
+                // Date display in tree
+                if ($scope.type.match(/^(?:start|update)Time$/)) {
+                  // 12 digits -> 12:34
+                  n.title = n.value.replace(/^(\d{8})(\d{2})(\d{2})$/,
+    // 11 digits -> 12:30
+    '$2:$3').replace(/^(\d{8})(\d{2})(\d)$/,
+    // 10 digits -> 12h
+    '$2:$30').replace(/^(\d{8})(\d{2})$/,
+    //  8 digits -> 2016-03-15
+    '$2h').replace(/^(\d{4})(\d{2})(\d{2})/,
+    '$1-$2-$3');
+                }
+              }
+              node.push(n);
+            }
+            if (value === '') {
+              $scope.total = data.total;
+            }
+          }
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+        // Highlight current selection
+        console.log("Selection",
+    sessionType);
+        $scope.navssoStyle = {
+          color: '#777'
+        };
+        $scope.offlineStyle = {
+          color: '#777'
+        };
+        $scope.persistentStyle = {
+          color: '#777'
+        };
+        if (sessionType === 'global') {
+          $scope.navssoStyle = {
+            color: '#333'
+          };
+        }
+        if (sessionType === 'offline') {
+          $scope.offlineStyle = {
+            color: '#333'
+          };
+        }
+        if (sessionType === 'persistent') {
+          return $scope.persistentStyle = {
+            color: '#333'
+          };
+        }
+      };
+      // Intialization function
+      // Simply set $scope.waiting to false during $translator and tree root
+      // initialization
+      $scope.init = function() {
+        $scope.waiting = true;
+        $scope.data = [];
+        $scope.currentScope = null;
+        $scope.currentSession = null;
+        $q.all([$translator.init($scope.lang),
+    $scope.updateTree('',
+    $scope.data,
+    0,
+    0)]).then(function() {
+          return $scope.waiting = false;
+        },
+    function(resp) {
+          return $scope.waiting = false;
+        });
+        // Colorized link
+        $scope.activeModule = "sessions";
+        return $scope.myStyle = {
+          color: '#ffb84d'
+        };
+      };
+      // Query scheme initialization
+      // Default to '_whatToTrace'
+      c = $location.path().match(/^\/(\w+)/);
+      return $scope.type = c ? c[1] : '_whatToTrace';
+    }
+  ]);
+
+}).call(this);
diff --git a/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js b/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js
new file mode 100644
index 0000000..9808bb3
--- /dev/null
+++ b/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js
@@ -0,0 +1 @@
+!function(){var g={_whatToTrace:[function(e,t){return`groupBy=substr(${e},1)`},function(e,t){return e+`=${t}*&groupBy=`+e},function(e,t){return e+"="+t}],ipAddr:[function(e,t){return`groupBy=net(${e},16,1)`},function(e,t){return t.match(/:/)||(t+="."),e+`=${t}*&groupBy=net(${e},32,2)`},function(e,t){return t.match(/:/)||(t+="."),e+`=${t}*&groupBy=net(${e},48,3)`},function(e,t){return t.match(/:/)||(t+="."),e+`=${t}*&groupBy=net(${e},128,4)`},function(e,t){return e+`=${t}&groupBy=_whatToTrace`},function(e,t,n){return n.replace(/\&groupBy.*$/,"")+"&_whatToTrace="+t}],_startTime:[function(e,t){return`groupBy=substr(${e},8)`},function(e,t){return e+`=${t}*&groupBy=substr(${e},10)`},function(e,t){return e+`=${t}*&groupBy=substr(${e},11)`},function(e,t){return e+`=${t}*&groupBy=substr(${e},12)`},function(e,t){return e+`=${t}*&groupBy=_whatToTrace`},function(e,t,n){return console.log(e),console.log(t),console.log(n),n.replace(/\&groupBy.*$/,"")+"&_whatToTrace="+t}],doubleIp:[function(e,t){return e},function(e,t){return`_whatToTrace=${t}&groupBy=ipAddr`},function(e,t,n){return n.replace(/\&groupBy.*$/,"")+"&ipAddr="+t}],_session_uid:[function(e,t){return`groupBy=substr(${e},1)`},function(e,t){return e+`=${t}*&groupBy=`+e},function(e,t){return e+"="+t}]},f={_whatToTrace:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),1===n&&t.length>o?e+`=${t}*&groupBy=substr(${e},${n+o+1})`:null},ipAddr:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),0<n&&n<4&&!t.match(/^\d+\.\d/)&&o<2?e+`=${t}*&groupBy=net(${e},${16*n+4*(o+1)},${1+n+o})`:null},_startTime:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),3<n?e+`=${t}*&groupBy=substr(${e},${10+n+o})`:null},_session_uid:function(e,t,n,o){return console.log("overScheme => level",n,"over",o),1===n&&t.length>o?e+`=${t}*&groupBy=substr(${e},${n+o+1})`:null}},O={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti","_2f"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token","_oidc_refresh_token","_oidc_access_token_eol","_oidcConnectedRP","_oidcConnectedRPIDs"],sfaTitle:["_2fDevices"],oidcConsents:["_oidcConsents"]},i={session:[{title:"deleteSession",icon:"trash"},{title:"globalLogout",icon:"trash"}],home:[]};angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(M,t,r,e,o){var p,n,d;return M.links=links,M.menulinks=menulinks,M.staticPrefix=staticPrefix,M.scriptname=scriptname,M.formPrefix=formPrefix,M.impPrefix=impPrefix,M.sessionTTL=sessionTTL,M.availableLanguages=availableLanguages,M.waiting=!0,M.showM=!1,M.showT=!0,M.data=[],M.currentScope=null,M.currentSession=null,M.menu=i,M.translateP=t.translateP,M.translate=t.translate,M.translateTitle=function(e){return t.translateField(e,"title")},d="global",M.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(M.currentNode,M);break;case"string":M[e.action]();break;default:console.log(typeof e.action)}return M.showM=!1},M.deleteOIDCConsent=function(e,t){var i=document.querySelectorAll(".data-"+t);return M.waiting=!0,o.delete(`${scriptname}sessions/OIDCConsent/${d}/${M.currentSession.id}?rp=${e}&epoch=`+t).then(function(e){var t,n,o,r;for(M.waiting=!1,r=[],n=0,o=i.length;n<o;n++)t=i[n],r.push(t.remove());return r},function(e){return M.waiting=!1}),M.showT=!1},M.deleteSession=function(){return M.waiting=!0,o.delete(scriptname+`sessions/${d}/`+M.currentSession.id).then(function(e){return M.currentSession=null,M.currentScope.remove(),M.waiting=!1},function(e){return M.waiting=!1})},M.globalLogout=function(){return M.waiting=!0,o.post(scriptname+`sessions/glogout/${d}/`+M.currentSession.id).then(function(e){return M.currentSession=null,M.currentScope.remove(),M.waiting=!1},function(e){return M.waiting=!1})},M.stoggle=function(e){var t=e.$modelValue;return 0===t.nodes.length&&M.updateTree(t.value,t.nodes,t.level,t.over,t.query,t.count),e.toggle()},M.displaySession=function(e){var t,n=function(p){var e,t,n,o,r,i,s,l,u,a,c,d,g,f,h,_,$,m,y,T,v,w,S,b,B,D,L,P,C,A,x,k,R,I,E=function(e,t){var n,o,r,i,s,l,u=[],a=new RegExp(e),c="";for(o in p)s=p[o],o.match(a)&&s&&(c+=s+`:${o},`,delete p[o]);if(c){for((i=(c=c.replace(/,$/,"")).split(",")).sort(),i.reverse(),n=0,r=i.length;n<r;n++)l=i[n].split(":"),u.push({title:l[1],value:M.localeDate(l[0])});return L.push({title:t,nodes:u})}},H=p._utime;for(c in p)(I=p[c])?("string"==typeof p&&I.match(/; /)&&(p[c]=I.split("; ")),"object"!=typeof p[c]&&("_password".match(new RegExp("\b"+c+"\b"))?p[c]="********":c.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)?p[c]=M.localeDate(I):c.match(/^(_startTime|_updateTime)$/)&&(p[c]=M.strToLocaleDate(I)))):delete p[c];for(o in L=[],O){for(A=[],l=0,g=(n=O[o]).length;l<g;l++){if(t=n[l],p[t])if("_2fDevices"===t&&p[t]){if(0<(e=JSON.parse(p[t])).length)for(A.push({title:"type",value:"name",epoch:"date",td:"0"}),u=0,f=e.length;u<f;u++){for(c in P=e[u])I=P[c],"type"===c&&(k=I),"name"===c&&(T=I),"epoch"===c&&(s=I);A.push({title:k,value:T,epoch:s,td:"1"})}}else if(p[t].toString().match(/"rp":\s*"[\w-]+"/))for(A.push({title:"RP",value:"scope",epoch:"date",td:"0"}),a=0,h=(e=JSON.parse(p[t])).length;a<h;a++){for(c in w=e[a])I=w[c],"rp"===c&&(k=I),"scope"===c&&(T=I),"epoch"===c&&(s=I);A.push({title:k,value:T,epoch:s,td:"2"})}else p[t].toString().match(/\w+/)&&A.push({title:t,value:p[t],epoch:""});delete p[t]}0<A.length&&L.push({title:`__${o}__`,nodes:A})}if(E("^openid","OpenID"),E("^notification_(.+)","__notificationsDone__"),p._loginHistory){if(R=[],p._loginHistory.successLogin)for(y=0,_=(B=p._loginHistory.successLogin).length;y<_;y++){for(c in r="",d=B[y])I=d[c],c.match(/^(_utime|ipAddr|error)$/)||(r+=`, ${c} : `+I);(x=r.split(", ")).sort(),r=x.join(", "),R.push({t:d._utime,title:M.localeDate(d._utime),value:`Success (IP ${d.ipAddr})`+r})}if(p._loginHistory.failedLogin)for(v=0,$=(D=p._loginHistory.failedLogin).length;v<$;v++){for(c in r="",d=D[v])I=d[c],c.match(/^(_utime|ipAddr|error)$/)||(r+=`, ${c} : `+I);(x=r.split(", ")).sort(),r=x.join(", "),R.push({t:d._utime,title:M.localeDate(d._utime),value:`Error ${d.error} (IP ${d.ipAddr})`+r})}delete p._loginHistory,R.sort(function(e,t){return t.t-e.t}),L.push({title:"__loginHistory__",nodes:R})}for(c in R=[],p)I=p[c],R.push({title:c,value:I});for(R.sort(function(e,t){return e.title>t.title?1:e.title<t.title?-1:0}),b=[],C=[],S=0,m=R.length;S<m;S++)((i=R[S]).title.match(new RegExp("^"+M.impPrefix+".+$"))?(console.log(i,"-> real attribute"),b):C).push(i);return R=C.concat(b),L.push({title:"__attributesAndMacros__",nodes:R}),{_utime:H,nodes:L}};return M.currentScope=e,t=e.$modelValue.session,o.get(scriptname+`sessions/${d}/`+t).then(function(e){return M.currentSession=n(e.data),M.currentSession.id=t}),M.showT=!1},M.localeDate=function(e){return new Date(1e3*e).toLocaleString()},M.isValid=function(e,t){var n=r.path(),o=Date.now()/1e3;return console.log("Path",n),console.log("Session epoch",e),console.log("Current date",o),console.log("Session TTL",sessionTTL),n=o-e<sessionTTL||r.path().match(/^\/persistent/),"msg"===t?(console.log("Return msg"),n?"info":"warning"):"style"===t?(console.log("Return style"),n?{}:{color:"#627990","font-style":"italic"}):(console.log("Return isValid"),n)},M.strToLocaleDate=function(e){var t=e.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);return t.length?new Date(`${t[1]}-${t[2]}-${t[3]}T${t[4]}:${t[5]}:`+t[6]).toLocaleString():e},M.getLanguage=function(e){return M.lang=e,M.form="white",M.init(),M.showM=!1},M.$on("$locationChangeSuccess",function(e,t,n){t=t.match(/#!?\/(\w+)/);return d="global",null===t?M.type="_whatToTrace":t[1].match(/^(persistent|offline)$/)?(d=RegExp.$1,M.type="_session_uid"):M.type=t[1],M.init()}),p=0,M.updateTree=function(i,s,l,u,e,t){var a,c;if(M.waiting=!0,c=g[M.type]||("_updateTime"===M.type?g._startTime:g._whatToTrace),a=c[l](M.type,i,e),25<t&&f[M.type]&&(t=f[M.type](M.type,i,l,u,e))?(u++,a=t,l-=1):u=0,o.get(scriptname+`sessions/${d}?`+a).then(function(e){var t,n,o,r,e=e.data;if(e.result){for(t=0,n=(r=e.values).length;t<n;t++)o=r[t],p++,o.id="node"+p,l<c.length-1&&(o.nodes=[],o.level=l+1,o.query=a,o.over=u,M.type.match(/^(?:start|update)Time$/))&&(o.title=o.value.replace(/^(\d{8})(\d{2})(\d{2})$/,"$2:$3").replace(/^(\d{8})(\d{2})(\d)$/,"$2:$30").replace(/^(\d{8})(\d{2})$/,"$2h").replace(/^(\d{4})(\d{2})(\d{2})/,"$1-$2-$3")),s.push(o);""===i&&(M.total=e.total)}return M.waiting=!1},function(e){return M.waiting=!1}),console.log("Selection",d),M.navssoStyle={color:"#777"},M.offlineStyle={color:"#777"},M.persistentStyle={color:"#777"},"global"===d&&(M.navssoStyle={color:"#333"}),"offline"===d&&(M.offlineStyle={color:"#333"}),"persistent"===d)return M.persistentStyle={color:"#333"}},M.init=function(){return M.waiting=!0,M.data=[],M.currentScope=null,M.currentSession=null,e.all([t.init(M.lang),M.updateTree("",M.data,0,0)]).then(function(){return M.waiting=!1},function(e){return M.waiting=!1}),M.activeModule="sessions",M.myStyle={color:"#ffb84d"}},n=r.path().match(/^\/(\w+)/),M.type=n?n[1]:"_whatToTrace"}])}.call(this);
\ No newline at end of file
diff --git a/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js.map b/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js.map
new file mode 100644
index 0000000..5c2425b
--- /dev/null
+++ b/manager/install/usr/share/lemonldap-ng/manager/htdocs/static/js/sessions.min.js.map
@@ -0,0 +1 @@
+{"version":3,"sources":["sessions.js"],"names":["schemes","_whatToTrace","t","v","ipAddr","match","q","replace","_startTime","console","log","doubleIp","_session_uid","overScheme","level","over","length","categories","dateTitle","connectionTitle","authenticationTitle","modulesTitle","saml","groups","ldap","OpenIDConnect","sfaTitle","oidcConsents","menu","session","title","icon","home","angular","module","controller","$scope","$translator","$location","$q","$http","autoId","c","sessionType","links","menulinks","staticPrefix","scriptname","formPrefix","impPrefix","sessionTTL","availableLanguages","waiting","showM","showT","data","currentScope","currentSession","translateP","translate","translateTitle","node","translateField","menuClick","button","popup","window","open","action","currentNode","deleteOIDCConsent","rp","epoch","items","document","querySelectorAll","id","then","response","e","i","len","results","push","remove","resp","deleteSession","globalLogout","stoggle","scope","$modelValue","nodes","updateTree","value","query","count","toggle","displaySession","sessionId","transformSession","array","attr","attrs","category","cv","element","j","k","key","l","len1","len2","len3","len4","len5","m","name","o","oidcConsent","p","real","ref","ref1","res","sfDevice","spoof","subres","tab","tmp","_insert","re","vk","reg","RegExp","split","sort","reverse","localeDate","time","_utime","strToLocaleDate","JSON","parse","td","toString","_loginHistory","successLogin","join","failedLogin","error","a","b","concat","get","s","Date","toLocaleString","isValid","type","path","now","color","font-style","arrayDate","getLanguage","lang","form","init","$on","event","next","current","n","$1","currentQuery","scheme","result","values","total","navssoStyle","offlineStyle","persistentStyle","all","activeModule","myStyle","call","this"],"mappings":"AACA,CAAA,WAOE,IAOAA,EAAU,CACRC,aAAc,CAEZ,SAASC,EACTC,GACE,wBAAyBD,MAC3B,EAEA,SAASA,EACTC,GACE,OAAUD,MAAKC,cAAcD,CAC/B,EACA,SAASA,EACTC,GACE,OAAUD,EAAH,IAAQC,CACjB,GAEFC,OAAQ,CACN,SAASF,EACTC,GACE,qBAAsBD,SACxB,EACA,SAASA,EACTC,GAIE,OAHKA,EAAEE,MAAM,GAAG,IACdF,GAAQ,KAEAD,MAAKC,kBAAkBD,SACnC,EACA,SAASA,EACTC,GAIE,OAHKA,EAAEE,MAAM,GAAG,IACdF,GAAQ,KAEAD,MAAKC,kBAAkBD,SACnC,EACA,SAASA,EACTC,GAIE,OAHKA,EAAEE,MAAM,GAAG,IACdF,GAAQ,KAEAD,MAAKC,kBAAkBD,UACnC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,wBACjB,EACA,SAASD,EACTC,EACAG,GACE,OAAOA,EAAEC,QAAQ,eACnB,EAAE,EAAI,iBAAiBJ,CACvB,GAEFK,WAAY,CACV,SAASN,EACTC,GACE,wBAAyBD,MAC3B,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,qBAAqBD,OACtC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,qBAAqBD,OACtC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,qBAAqBD,OACtC,EACA,SAASA,EACTC,GACE,OAAUD,MAAKC,yBACjB,EACA,SAASD,EACTC,EACAG,GAIE,OAHAG,QAAQC,IAAIR,CAAC,EACbO,QAAQC,IAAIP,CAAC,EACbM,QAAQC,IAAIJ,CAAC,EACNA,EAAEC,QAAQ,eACnB,EAAE,EAAI,iBAAiBJ,CACvB,GAEFQ,SAAU,CACR,SAAST,EACTC,GACE,OAAOD,CACT,EACA,SAASA,EACTC,GACE,sBAAuBA,kBACzB,EACA,SAASD,EACTC,EACAG,GACE,OAAOA,EAAEC,QAAQ,eACnB,EAAE,EAAI,WAAWJ,CACjB,GAEFS,aAAc,CAEZ,SAASV,EACTC,GACE,wBAAyBD,MAC3B,EAEA,SAASA,EACTC,GACE,OAAUD,MAAKC,cAAcD,CAC/B,EACA,SAASA,EACTC,GACE,OAAUD,EAAH,IAAQC,CACjB,EAEJ,EAKAU,EAAa,CACXZ,aAAc,SAASC,EAAGC,EAAGW,EAAOC,GAIlC,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EACxC,IAAVD,GAAeX,EAAEa,OAASD,EAClBb,MAAKC,qBAAqBD,KAAKY,EAAQC,EAAO,KAEjD,IAEX,EAEAX,OAAQ,SAASF,EAAGC,EAAGW,EAAOC,GAE5B,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EAC1C,EAARD,GAAaA,EAAQ,GAAK,CAACX,EAAEE,MAAM,UAAU,GAAKU,EAAO,EACjDb,MAAKC,kBAAkBD,KAAK,GAAKY,EAAQ,GAAKC,EAAO,MAAM,EAAID,EAAQC,KAE1E,IAEX,EACAP,WAAY,SAASN,EAAGC,EAAGW,EAAOC,GAEhC,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EAC1C,EAARD,EACQZ,MAAKC,qBAAqBD,KAAK,GAAKY,EAAQC,KAE/C,IAEX,EACAH,aAAc,SAASV,EAAGC,EAAGW,EAAOC,GAElC,OADAN,QAAQC,IAAI,sBAAuBI,EAAO,OAAQC,CAAI,EACxC,IAAVD,GAAeX,EAAEa,OAASD,EAClBb,MAAKC,qBAAqBD,KAAKY,EAAQC,EAAO,KAEjD,IAEX,CACF,EAKAE,EAAa,CACXC,UAAW,CAAC,SAAU,aAAc,cAAe,kBAAmB,aACtEC,gBAAiB,CAAC,SAAU,YAAa,QACzCC,oBAAqB,CAAC,cAAe,QAAS,YAAa,uBAC3DC,aAAc,CAAC,QAAS,UAAW,cAAe,YAAa,cAAe,aAAc,eAAgB,OAC5GC,KAAM,CAAC,OAAQ,cAAe,aAAc,oBAAqB,sBACjEC,OAAQ,CAAC,SAAU,WACnBC,KAAM,CAAC,MACPC,cAAe,CAAC,iBAAkB,WAAY,qBAAsB,sBAAuB,yBAA0B,mBAAoB,uBACzIC,SAAU,CAAC,cACXC,aAAc,CAAC,gBACjB,EAGAC,EAAO,CACLC,QAAS,CACP,CACEC,MAAO,gBACPC,KAAM,OACR,EACA,CACED,MAAO,eACPC,KAAM,OACR,GAEFC,KAAM,EACR,EAEQC,QAAQC,OAAO,uBAAwB,CAAC,UAAW,eAAgB,QAAQ,EAG7EC,WAAW,uBAAwB,CACvC,SACA,cACA,YACA,KACA,QACA,SAASC,EACTC,EACAC,EACAC,EACAC,GACE,IAAIC,EACNC,EAEAC,EA2nBE,OA1nBAP,EAAOQ,MAAQA,MACfR,EAAOS,UAAYA,UACnBT,EAAOU,aAAeA,aACtBV,EAAOW,WAAaA,WACpBX,EAAOY,WAAaA,WACpBZ,EAAOa,UAAYA,UACnBb,EAAOc,WAAaA,WACpBd,EAAOe,mBAAqBA,mBAC5Bf,EAAOgB,QAAU,CAAA,EACjBhB,EAAOiB,MAAQ,CAAA,EACfjB,EAAOkB,MAAQ,CAAA,EACflB,EAAOmB,KAAO,GACdnB,EAAOoB,aAAe,KACtBpB,EAAOqB,eAAiB,KACxBrB,EAAOR,KAAOA,EAEdQ,EAAOsB,WAAarB,EAAYqB,WAChCtB,EAAOuB,UAAYtB,EAAYsB,UAC/BvB,EAAOwB,eAAiB,SAASC,GAC/B,OAAOxB,EAAYyB,eAAeD,EACtC,OAAO,CACL,EACAlB,EAAc,SAEdP,EAAO2B,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACTC,OAAOC,KAAKH,EAAOC,KAAK,OAKxB,OAHKD,EAAOI,SACVJ,EAAOI,OAASJ,EAAOlC,OAEjB,OAAOkC,EAAOI,QACpB,IAAK,WACHJ,EAAOI,OAAOhC,EAAOiC,YAC/BjC,CAAM,EACI,MACF,IAAK,SACHA,EAAO4B,EAAOI,QAAQ,EACtB,MACF,QACE3D,QAAQC,IAAI,OAAOsD,EAAOI,MAAM,CACpC,CAEF,OAAOhC,EAAOiB,MAAQ,CAAA,CACxB,EAIAjB,EAAOkC,kBAAoB,SAASC,EACtCC,GACI,IACAC,EAAQC,SAASC,iBAAiB,SAASH,CAAO,EAkBlD,OAjBApC,EAAOgB,QAAU,CAAA,EACjBZ,EAAc,UAAKO,kCAAkCJ,KAAeP,EAAOqB,eAAemB,SAASL,WAAYC,CAAO,EAAEK,KAAK,SAASC,GACpI,IAAIC,EACVC,EACAC,EACAC,EAGM,IAFA9C,EAAOgB,QAAU,CAAA,EACjB8B,EAAU,GACLF,EAAI,EAAGC,EAAMR,EAAMzD,OAAQgE,EAAIC,EAAKD,CAAC,GACxCD,EAAIN,EAAMO,GACVE,EAAQC,KAAKJ,EAAEK,OAAO,CAAC,EAEzB,OAAOF,CACT,EACJ,SAASG,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,EACMhB,EAAOkB,MAAQ,CAAA,CACxB,EAEAlB,EAAOkD,cAAgB,WAErB,OADAlD,EAAOgB,QAAU,CAAA,EACVZ,EAAc,OAAKO,uBAAsBJ,KAAeP,EAAOqB,eAAemB,EAAI,EAAEC,KAAK,SAASC,GAGvG,OAFA1C,EAAOqB,eAAiB,KACxBrB,EAAOoB,aAAa4B,OAAO,EACpBhD,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,CACH,EACAhB,EAAOmD,aAAe,WAEpB,OADAnD,EAAOgB,QAAU,CAAA,EACVZ,EAAY,KAAKO,+BAA8BJ,KAAeP,EAAOqB,eAAemB,EAAI,EAAEC,KAAK,SAASC,GAG7G,OAFA1C,EAAOqB,eAAiB,KACxBrB,EAAOoB,aAAa4B,OAAO,EACpBhD,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,CACH,EAEAhB,EAAOoD,QAAU,SAASC,GACxB,IACA5B,EAAO4B,EAAMC,YASb,OAR0B,IAAtB7B,EAAK8B,MAAM3E,QACboB,EAAOwD,WAAW/B,EAAKgC,MAC7BhC,EAAK8B,MACL9B,EAAK/C,MACL+C,EAAK9C,KACL8C,EAAKiC,MACLjC,EAAKkC,KAAK,EAECN,EAAMO,OAAO,CACtB,EAEA5D,EAAO6D,eAAiB,SAASR,GAC/B,IAAIS,EAKJC,EAAmB,SAAStE,GAC1B,IACNuE,EACAC,EACAC,EACAC,EACAC,EACAC,EACAjC,EACAQ,EACA0B,EACAC,EACAC,EACAC,EACA5B,EACA6B,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EAEAjG,EACAkG,EACAnC,EACMoC,EAAU,SAASC,EACzBpG,GACQ,IACRkD,EACA4B,EACA3B,EAEA8C,EAGAlC,EACAsC,EACQH,EAAM,GACNI,EAAM,IAAIC,OAAOH,CAAE,EACnB1B,EAAK,GACL,IAAKI,KAAO/E,EACVgE,EAAQhE,EAAQ+E,GACZA,EAAIvG,MAAM+H,CAAG,GAAKvC,IACpBW,GAASX,MAASe,KAClB,OAAO/E,EAAQ+E,IAGnB,GAAIJ,EAAI,CAMN,KAHAuB,GAFAvB,EAAKA,EAAGjG,QAAQ,KAC1B,EAAE,GACiB+H,MAAM,GAAG,GACdC,KAAK,EACTR,EAAIS,QAAQ,EACPxD,EAAI,EAAGC,EAAM8C,EAAI/G,OAAQgE,EAAIC,EAAKD,CAAC,GAEtCmD,EADMJ,EAAI/C,GACDsD,MAAM,GAAG,EAClBN,EAAI7C,KAAK,CACPrD,MAAOqG,EAAG,GACVtC,MAAOzD,EAAOqG,WAAWN,EAAG,EAAE,CAChC,CAAC,EAEH,OAAOR,EAAIxC,KAAK,CACdrD,MAAOA,EACP6D,MAAOqC,CACT,CAAC,CACH,CACF,EACAU,EAAO7G,EAAQ8G,OAEf,IAAK/B,KAAO/E,GACVgE,EAAQhE,EAAQ+E,KAIS,UAAnB,OAAO/E,GAAwBgE,EAAMxF,MAAM,IAAI,IACjDwB,EAAQ+E,GAAOf,EAAMyC,MAAM,IAAI,GAEL,UAAxB,OAAOzG,EAAQ+E,KA7PZ,YA8PgBvG,MAAM,IAAIgI,OAAO,KAAOzB,EAAM,IAAI,CAAC,EACtD/E,EAAQ+E,GAAO,WACNA,EAAIvG,MAAM,mDAAmD,EACtEwB,EAAQ+E,GAAOxE,EAAOqG,WAAW5C,CAAK,EAC7Be,EAAIvG,MAAM,4BAA4B,IAC/CwB,EAAQ+E,GAAOxE,EAAOwG,gBAAgB/C,CAAK,KAX/C,OAAOhE,EAAQ+E,GAkBnB,IAAKL,KAFLoB,EAAM,GAEW1G,EAAY,CAG3B,IADA6G,EAAS,GACJ9C,EAAI,EAAGC,GAFZqB,EAAQrF,EAAWsF,IAEKvF,OAAQgE,EAAIC,EAAKD,CAAC,GAAI,CAE5C,GADAqB,EAAOC,EAAMtB,GACTnD,EAAQwE,GACV,GAAa,eAATA,GAAyBxE,EAAQwE,IAEnC,GAAmB,GADnBD,EAAQyC,KAAKC,MAAMjH,EAAQwE,EAAK,GACtBrF,OAOR,IANA8G,EAAO3C,KAAK,CACVrD,MAAO,OACP+D,MAAO,OACPrB,MAAO,OACPuE,GAAI,GACN,CAAC,EACIrC,EAAI,EAAGI,EAAOV,EAAMpF,OAAQ0F,EAAII,EAAMJ,CAAC,GAAI,CAE9C,IAAKE,KADLgB,EAAWxB,EAAMM,GAEfb,EAAQ+B,EAAShB,GACL,SAARA,IACF9E,EAAQ+D,GAEE,SAARe,IACFQ,EAAOvB,GAEG,UAARe,IACFpC,EAAQqB,GAGZiC,EAAO3C,KAAK,CACVrD,MAAOA,EACP+D,MAAOuB,EACP5C,MAAOA,EACPuE,GAAI,GACN,CAAC,CACH,CACF,MAEK,GAAIlH,EAAQwE,GAAM2C,SAAS,EAAE3I,MAAM,kBAAkB,EAQ1D,IAPAyH,EAAO3C,KAAK,CACVrD,MAAO,KACP+D,MAAO,QACPrB,MAAO,OACPuE,GAAI,GACN,CAAC,EAEIpC,EAAI,EAAGI,GADZX,EAAQyC,KAAKC,MAAMjH,EAAQwE,EAAK,GACPrF,OAAQ2F,EAAII,EAAMJ,CAAC,GAAI,CAE9C,IAAKC,KADLU,EAAclB,EAAMO,GAElBd,EAAQyB,EAAYV,GACR,OAARA,IACF9E,EAAQ+D,GAEE,UAARe,IACFQ,EAAOvB,GAEG,UAARe,IACFpC,EAAQqB,GAGZiC,EAAO3C,KAAK,CACVrD,MAAOA,EACP+D,MAAOuB,EACP5C,MAAOA,EACPuE,GAAI,GACN,CAAC,CACH,MAESlH,EAAQwE,GAAM2C,SAAS,EAAE3I,MAAM,KAAK,GAC7CyH,EAAO3C,KAAK,CACVrD,MAAOuE,EACPR,MAAOhE,EAAQwE,GACf7B,MAAO,EACT,CAAC,EAMH,OAAO3C,EAAQwE,EAEnB,CACoB,EAAhByB,EAAO9G,QACT2G,EAAIxC,KAAK,CACPrD,WAAYyE,MACZZ,MAAOmC,CACT,CAAC,CAEL,CAOA,GALAG,EAAQ,UACd,QAAQ,EACFA,EAAQ,qBACd,uBAAuB,EAEbpG,EAAQoH,cAAe,CAEzB,GADAjB,EAAM,GACFnG,EAAQoH,cAAcC,aAExB,IAAK/B,EAAI,EAAGH,GADZS,EAAM5F,EAAQoH,cAAcC,cACLlI,OAAQmG,EAAIH,EAAMG,CAAC,GAAI,CAI5C,IAAKP,KADLJ,EAAK,GAFLK,EAAIY,EAAIN,GAINtB,EAAQgB,EAAED,GACLA,EAAIvG,MAAM,yBAAyB,IACtCmG,QAAWI,OAASf,IAGxBkC,EAAMvB,EAAG8B,MAAM,IAAI,GACfC,KAAK,EACT/B,EAAKuB,EAAIoB,KAAK,IAAI,EAClBnB,EAAI7C,KAAK,CACPjF,EAAG2G,EAAE8B,OACL7G,MAAOM,EAAOqG,WAAW5B,EAAE8B,MAAM,EACjC9C,qBAAsBgB,EAAEzG,UAAYoG,CACtC,CAAC,CACH,CAEF,GAAI3E,EAAQoH,cAAcG,YAExB,IAAK/B,EAAI,EAAGJ,GADZS,EAAO7F,EAAQoH,cAAcG,aACLpI,OAAQqG,EAAIJ,EAAMI,CAAC,GAAI,CAI7C,IAAKT,KADLJ,EAAK,GAFLK,EAAIa,EAAKL,GAIPxB,EAAQgB,EAAED,GACLA,EAAIvG,MAAM,yBAAyB,IACtCmG,QAAWI,OAASf,IAGxBkC,EAAMvB,EAAG8B,MAAM,IAAI,GACfC,KAAK,EACT/B,EAAKuB,EAAIoB,KAAK,IAAI,EAClBnB,EAAI7C,KAAK,CACPjF,EAAG2G,EAAE8B,OACL7G,MAAOM,EAAOqG,WAAW5B,EAAE8B,MAAM,EACjC9C,eAAgBgB,EAAEwC,aAAaxC,EAAEzG,UAAYoG,CAC/C,CAAC,CACH,CAEF,OAAO3E,EAAQoH,cACfjB,EAAIO,KAAK,SAASe,EAC1BC,GACU,OAAOA,EAAErJ,EAAIoJ,EAAEpJ,CACjB,CAAC,EACDyH,EAAIxC,KAAK,CACPrD,MAAO,mBACP6D,MAAOqC,CACT,CAAC,CACH,CAGA,IAAKpB,KADLoB,EAAM,GACMnG,EACVgE,EAAQhE,EAAQ+E,GAChBoB,EAAI7C,KAAK,CACPrD,MAAO8E,EACPf,MAAOA,CACT,CAAC,EAeH,IAbAmC,EAAIO,KAAK,SAASe,EACxBC,GACQ,OAAID,EAAExH,MAAQyH,EAAEzH,MACP,EACEwH,EAAExH,MAAQyH,EAAEzH,MACd,CAAC,EAED,CAEX,CAAC,EAED0F,EAAO,GACPK,EAAQ,GACHN,EAAI,EAAGL,EAAOc,EAAIhH,OAAQuG,EAAIL,EAAMK,CAAC,KACxCd,EAAUuB,EAAIT,IACFzF,MAAMzB,MAAM,IAAIgI,OAAO,IAAMjG,EAAOa,UAAY,KAAK,CAAC,GAChExC,QAAQC,IAAI+F,EACtB,mBAAmB,EACTe,GAGAK,GAHK1C,KAAKsB,CAAO,EAWrB,OALAuB,EAAMH,EAAM2B,OAAOhC,CAAI,EACvBG,EAAIxC,KAAK,CACPrD,MAAO,0BACP6D,MAAOqC,CACT,CAAC,EACM,CACLW,OAAQD,EACR/C,MAAOgC,CACT,CACF,EAOA,OANAvF,EAAOoB,aAAeiC,EACtBS,EAAYT,EAAMC,YAAY7D,QAC9BW,EAAMiH,IAAO1G,uBAAsBJ,KAAeuD,CAAW,EAAErB,KAAK,SAASC,GAE3E,OADA1C,EAAOqB,eAAiB0C,EAAiBrB,EAASvB,IAAI,EAC/CnB,EAAOqB,eAAemB,GAAKsB,CACpC,CAAC,EACM9D,EAAOkB,MAAQ,CAAA,CACxB,EACAlB,EAAOqG,WAAa,SAASiB,GAG3B,OADI,IAAIC,KAAS,IAAJD,CAAQ,EACZE,eAAe,CAC1B,EACAxH,EAAOyH,QAAU,SAASrF,EAC5BsF,GACI,IAGAC,EAAOzH,EAAUyH,KAAK,EACtBC,EAAML,KAAKK,IAAI,EAAI,IAUnB,OATAvJ,QAAQC,IAAI,OAChBqJ,CAAI,EACAtJ,QAAQC,IAAI,gBAChB8D,CAAK,EACD/D,QAAQC,IAAI,eAChBsJ,CAAG,EACCvJ,QAAQC,IAAI,cAChBwC,UAAU,EACN2G,EAAUG,EAAMxF,EAAQtB,YAAcZ,EAAUyH,KAAK,EAAE1J,MAAM,eAAe,EAC/D,QAATyJ,GACFrJ,QAAQC,IAAI,YAAY,EACpBmJ,EACK,OAEA,WAES,UAATC,GACTrJ,QAAQC,IAAI,cAAc,EACtBmJ,EACK,GAEA,CACLI,MAAS,UACTC,aAAc,QAChB,IAGFzJ,QAAQC,IAAI,gBAAgB,EACrBmJ,EAEX,EACAzH,EAAOwG,gBAAkB,SAASc,GAChC,IAEAS,EAAYT,EAAErJ,MAAM,8CAA8C,EAClE,OAAK8J,EAAUnJ,OAGX,IAAI2I,QAAQQ,EAAU,MAAMA,EAAU,MAAMA,EAAU,MAAMA,EAAU,MAAMA,EAAU,MAAMA,EAAU,EAAI,EACrGP,eAAe,EAHfF,CAIX,EAEAtH,EAAOgI,YAAc,SAASC,GAI5B,OAHAjI,EAAOiI,KAAOA,EACdjI,EAAOkI,KAAO,QACdlI,EAAOmI,KAAK,EACLnI,EAAOiB,MAAQ,CAAA,CACxB,EAkBAjB,EAAOoI,IAAI,yBAhBC,SAASC,EACvBC,EACAC,GAEIC,EAAIF,EAAKrK,MAAM,YAAY,EAU3B,OATAsC,EAAc,SACJ,OAANiI,EACFxI,EAAO0H,KAAO,eACLc,EAAE,GAAGvK,MAAM,wBAAwB,GAC5CsC,EAAc0F,OAAOwC,GACrBzI,EAAO0H,KAAO,gBAEd1H,EAAO0H,KAAOc,EAAE,GAEXxI,EAAOmI,KAAK,CACrB,CAEO,EAEP9H,EAAS,EACTL,EAAOwD,WAAa,SAASC,EAC/BhC,EACA/C,EACAC,EACA+J,EACA/E,GACI,IAAID,EACRiF,EA8FI,GA5FA3I,EAAOgB,QAAU,CAAA,EAMjB2H,EAAS/K,EAAQoC,EAAO0H,QAA+C,gBAAhB1H,EAAO0H,KAAyB9J,EAAQQ,WAAaR,EAAQC,cAEpH6F,EAAQiF,EAAOjK,GAAOsB,EAAO0H,KACjCjE,EACAiF,CAAY,EA5tBR,GA8tBI/E,GAAelF,EAAWuB,EAAO0H,QAC/B9B,EAAMnH,EAAWuB,EAAO0H,MAAM1H,EAAO0H,KAC/CjE,EACA/E,EACAC,EACA+J,CAAY,IACJ/J,CAAI,GACJ+E,EAAQkC,EACRlH,GAAgB,GAKlBC,EAAO,EAGTyB,EAAMiH,IAAO1G,uBAAsBJ,KAAemD,CAAO,EAAEjB,KAAK,SAASC,GACvE,IACNE,EACAC,EACA2F,EACAnD,EACMlE,EAAOuB,EAASvB,KAChB,GAAIA,EAAKyH,OAAQ,CAEf,IAAKhG,EAAI,EAAGC,GADZwC,EAAMlE,EAAK0H,QACWjK,OAAQgE,EAAIC,EAAKD,CAAC,GACtC4F,EAAInD,EAAIzC,GACRvC,CAAM,GACNmI,EAAEhG,GAAK,OAAOnC,EACV3B,EAAQiK,EAAO/J,OAAS,IAC1B4J,EAAEjF,MAAQ,GACViF,EAAE9J,MAAQA,EAAQ,EAClB8J,EAAE9E,MAAQA,EACV8E,EAAE7J,KAAOA,EAELqB,EAAO0H,KAAKzJ,MAAM,wBAAwB,KAE5CuK,EAAE9I,MAAQ8I,EAAE/E,MAAMtF,QAAQ,0BAExC,OAAO,EAAEA,QAAQ,uBAEjB,QAAQ,EAAEA,QAAQ,mBAElB,KAAK,EAAEA,QAAQ,yBACf,UAAU,GAGAsD,EAAKsB,KAAKyF,CAAC,EAEC,KAAV/E,IACFzD,EAAO8I,MAAQ3H,EAAK2H,MAExB,CACA,OAAO9I,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,EAED3C,QAAQC,IAAI,YAChBiC,CAAW,EACPP,EAAO+I,YAAc,CACnBlB,MAAO,MACT,EACA7H,EAAOgJ,aAAe,CACpBnB,MAAO,MACT,EACA7H,EAAOiJ,gBAAkB,CACvBpB,MAAO,MACT,EACoB,WAAhBtH,IACFP,EAAO+I,YAAc,CACnBlB,MAAO,MACT,GAEkB,YAAhBtH,IACFP,EAAOgJ,aAAe,CACpBnB,MAAO,MACT,GAEkB,eAAhBtH,EACF,OAAOP,EAAOiJ,gBAAkB,CAC9BpB,MAAO,MACT,CAEJ,EAIA7H,EAAOmI,KAAO,WAiBZ,OAhBAnI,EAAOgB,QAAU,CAAA,EACjBhB,EAAOmB,KAAO,GACdnB,EAAOoB,aAAe,KACtBpB,EAAOqB,eAAiB,KACxBlB,EAAG+I,IAAI,CAACjJ,EAAYkI,KAAKnI,EAAOiI,IAAI,EACxCjI,EAAOwD,WAAW,GAClBxD,EAAOmB,KACP,EACA,CAAC,EAAE,EAAEsB,KAAK,WACJ,OAAOzC,EAAOgB,QAAU,CAAA,CAC1B,EACJ,SAASiC,GACH,OAAOjD,EAAOgB,QAAU,CAAA,CAC1B,CAAC,EAEDhB,EAAOmJ,aAAe,WACfnJ,EAAOoJ,QAAU,CACtBvB,MAAO,SACT,CACF,EAGAvH,EAAIJ,EAAUyH,KAAK,EAAE1J,MAAM,UAAU,EAC9B+B,EAAO0H,KAAOpH,EAAIA,EAAE,GAAK,cAClC,EACD,CAEF,EAAE+I,KAAKC,IAAI"}
\ No newline at end of file