diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
index 20388d9c7..22547730f 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
@@ -70,7 +70,7 @@ sub data {
 sub wantJSON {
     return 1
       if ( defined $_[0]->accept
-        and $_[0]->accept =~ m#(?:application|text)/json# );
+        and $_[0]->env->{HTTP_ACCEPT} =~ m#(?:application|text)/json#i );
     return 0;
 }
 
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm
index c5c587406..ae1bd732a 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm
@@ -20,8 +20,8 @@ sub fetchId {
     }
 
     # Get access token session
-    if ( my $infos = $class->getOIDCInfos($access_token) ) {
-        my $_session_id = $infos->{user_session_id};
+    my $infos = $class->getOIDCInfos($access_token);
+    if ( my $_session_id = $infos->{user_session_id} ) {
         $class->logger->debug( 'Get user session id ' . $_session_id );
         return $_session_id;
     }
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
index 1d441bd13..d8f90c603 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm
@@ -142,11 +142,13 @@ sub javascript {
     my ( $self, $req ) = @_;
     my $res = $self->diffRule->( $req, $req->{userData} ) || 0;
     my $impPrefix = $self->{impersonationPrefix};
+    my $ttl = $self->{timeout} || 72000;
 
     return
 'var formPrefix=staticPrefix+"forms/";var confPrefix=scriptname+"confs/";var viewPrefix=scriptname+"view/";'
       . 'var allowDiff=' . "$res;"
       . 'var impPrefix=' . "'" . $impPrefix . "'" . ';'
+      . 'var sessionTTL=' . "$ttl;"
       . ( $self->links ? 'var links=' . to_json( $self->links ) . ';' : '' )
       . (
         $self->menuLinks
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
index 9512880db..e43be2ed5 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
@@ -642,6 +642,16 @@ sub tests {
             # Return
             return 1;
         },
+
+        # Warn if Impersonation is enabled without prefix
+        impersonationPrefix => sub {
+            return 1 unless ( $conf->{impersonationRule} );
+            return ( 1, "Impersonation is enabled without real attributes prefix" )
+              unless ( $conf->{impersonationPrefix} );
+
+            # Return
+            return 1;
+        },
     };
 }
 
diff --git a/lemonldap-ng-manager/site/coffee/sessions.coffee b/lemonldap-ng-manager/site/coffee/sessions.coffee
index f972e7aa3..3e3b8d862 100644
--- a/lemonldap-ng-manager/site/coffee/sessions.coffee
+++ b/lemonldap-ng-manager/site/coffee/sessions.coffee
@@ -108,6 +108,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
 	$scope.scriptname = scriptname
 	$scope.formPrefix = formPrefix
 	$scope.impPrefix = impPrefix
+	$scope.sessionTTL = sessionTTL
 	$scope.availableLanguages = availableLanguages
 	$scope.waiting = true
 	$scope.showM = false
@@ -352,6 +353,15 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
 		d = new Date(s * 1000)
 		return d.toLocaleString()
 
+	$scope.isValid = (epoch) ->
+		now = Date.now() / 1000
+		valid = now - epoch < $scope.sessionTTL
+		console.log "session epoch", epoch
+		console.log "current date", now
+		console.log "sessions TTL", sessionTTL
+		console.log "Valid ?", valid
+		return valid
+
 	$scope.strToLocaleDate = (s) ->
 		arrayDate = s.match /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/
 		return s unless arrayDate.length
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/sessions.js b/lemonldap-ng-manager/site/htdocs/static/js/sessions.js
index 2bcae4d65..8cb905b04 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/sessions.js
+++ b/lemonldap-ng-manager/site/htdocs/static/js/sessions.js
@@ -131,6 +131,7 @@
       $scope.scriptname = scriptname;
       $scope.formPrefix = formPrefix;
       $scope.impPrefix = impPrefix;
+      $scope.sessionTTL = sessionTTL;
       $scope.availableLanguages = availableLanguages;
       $scope.waiting = true;
       $scope.showM = false;
@@ -432,6 +433,16 @@
         d = new Date(s * 1000);
         return d.toLocaleString();
       };
+      $scope.isValid = function(epoch) {
+        var now, valid;
+        now = Date.now() / 1000;
+        valid = now - epoch < $scope.sessionTTL;
+        console.log("session epoch", epoch);
+        console.log("current date", now);
+        console.log("sessions TTL", sessionTTL);
+        console.log("Valid ?", valid);
+        return valid;
+      };
       $scope.strToLocaleDate = function(s) {
         var arrayDate, d;
         arrayDate = s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);
diff --git a/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js b/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js
index 5179d4a1e..f41e80db9 100644
--- a/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js
+++ b/lemonldap-ng-manager/site/htdocs/static/js/sessions.min.js
@@ -1 +1 @@
-(function(){var categories,hiddenAttributes,llapp,max,menu,overScheme,schemes;max=25;schemes={_whatToTrace:[function(t,v){return"groupBy=substr("+t+",1)"},function(t,v){return t+"="+v+"*&groupBy="+t},function(t,v){return t+"="+v}],ipAddr:[function(t,v){return"groupBy=net("+t+",16,1)"},function(t,v){if(!v.match(/:/)){v=v+"."}return t+"="+v+"*&groupBy=net("+t+",32,2)"},function(t,v){if(!v.match(/:/)){v=v+"."}return t+"="+v+"*&groupBy=net("+t+",48,3)"},function(t,v){if(!v.match(/:/)){v=v+"."}return t+"="+v+"*&groupBy=net("+t+",128,4)"},function(t,v){return t+"="+v+"&groupBy=_whatToTrace"},function(t,v,q){return q.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+v)}],_startTime:[function(t,v){return"groupBy=substr("+t+",8)"},function(t,v){return t+"="+v+"*&groupBy=substr("+t+",10)"},function(t,v){return t+"="+v+"*&groupBy=substr("+t+",11)"},function(t,v){return t+"="+v+"*&groupBy=substr("+t+",12)"},function(t,v){return t+"="+v+"*&groupBy=_whatToTrace"},function(t,v,q){console.log(t);console.log(v);console.log(q);return q.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+v)}],doubleIp:[function(t,v){return t},function(t,v){return"_whatToTrace="+v+"&groupBy=ipAddr"},function(t,v,q){return q.replace(/\&groupBy.*$/,"")+("&ipAddr="+v)}]};overScheme={_whatToTrace:function(t,v,level,over){if(level===1&&v.length>over){return t+"="+v+"*&groupBy=substr("+t+","+(level+over+1)+")"}else{return null}},ipAddr:function(t,v,level,over){if(level>0&&level<4){return t+"="+v+"*&groupBy=net("+t+","+(16*level+4*(over+1))+",2)"}else{return null}}};hiddenAttributes="_password";categories={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],BrowserID:["_browserIdAnswer","_browserIdAnswerRaw"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token"],sfaTitle:["_2fDevices"],oidcConsents:["_oidcConsents"]};menu={session:[{title:"deleteSession",icon:"trash"}],home:[]};llapp=angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]);llapp.controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function($scope,$translator,$location,$q,$http){var autoId,c,pathEvent,sessionType;$scope.links=links;$scope.menulinks=menulinks;$scope.staticPrefix=staticPrefix;$scope.scriptname=scriptname;$scope.formPrefix=formPrefix;$scope.impPrefix=impPrefix;$scope.availableLanguages=availableLanguages;$scope.waiting=true;$scope.showM=false;$scope.showT=true;$scope.data=[];$scope.currentScope=null;$scope.currentSession=null;$scope.menu=menu;$scope.translateP=$translator.translateP;$scope.translate=$translator.translate;$scope.translateTitle=function(node){return $translator.translateField(node,"title")};sessionType="global";$scope.menuClick=function(button){if(button.popup){window.open(button.popup)}else{if(!button.action){button.action=button.title}switch(typeof button.action){case"function":button.action($scope.currentNode,$scope);break;case"string":$scope[button.action]();break;default:console.log(typeof button.action)}}return $scope.showM=false};$scope.deleteOIDCConsent=function(rp,epoch){var item;item=angular.element(".data-"+epoch);item.remove();$scope.waiting=true;$http["delete"](scriptname+"sessions/OIDCConsent/"+sessionType+"/"+$scope.currentSession.id+"?rp="+rp+"&epoch="+epoch).then(function(response){return $scope.waiting=false},function(resp){return $scope.waiting=false});return $scope.showT=false};$scope.deleteSession=function(){$scope.waiting=true;return $http["delete"](scriptname+"sessions/"+sessionType+"/"+$scope.currentSession.id).then(function(response){$scope.currentSession=null;$scope.currentScope.remove();return $scope.waiting=false},function(resp){$scope.currentSession=null;$scope.currentScope.remove();return $scope.waiting=false})};$scope.stoggle=function(scope){var node;node=scope.$modelValue;if(node.nodes.length===0){$scope.updateTree(node.value,node.nodes,node.level,node.over,node.query,node.count)}return scope.toggle()};$scope.displaySession=function(scope){var sessionId,transformSession;transformSession=function(session){var _insert,array,attr,attrs,category,cv,element,epoch,i,id,j,k,key,l,len,len1,len2,len3,len4,len5,m,name,o,oidcConsent,p,real,ref,ref1,res,sfDevice,spoof,subres,time,title,tmp,value;_insert=function(re,title){var key,reg,tmp,value;tmp=[];reg=new RegExp(re);for(key in session){value=session[key];if(key.match(reg)&&value){tmp.push({title:key,value:value});delete session[key]}}if(tmp.length>0){return res.push({title:title,nodes:tmp})}};time=session._utime;id=session._session_id;for(key in session){value=session[key];if(!value){delete session[key]}else{if(typeof session==="string"&&value.match(/; /)){session[key]=value.split("; ")}if(typeof session[key]!=="object"){if(hiddenAttributes.match(new RegExp("\b"+key+"\b"))){session[key]="********"}else if(key.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)){session[key]=$scope.localeDate(value)}else if(key.match(/^(_startTime|_updateTime)$/)){session[key]=$scope.strToLocaleDate(value)}}}}res=[];for(category in categories){attrs=categories[category];subres=[];for(i=0,len=attrs.length;i<len;i++){attr=attrs[i];if(session[attr]){if(session[attr].toString().match(/"type":\s*"(?:TOTP|U2F|UBK)"/)){subres.push({title:"type",value:"name",epoch:"date",td:"0"});array=JSON.parse(session[attr]);for(j=0,len1=array.length;j<len1;j++){sfDevice=array[j];for(key in sfDevice){value=sfDevice[key];if(key==="type"){title=value}if(key==="name"){name=value}if(key==="epoch"){epoch=value}}subres.push({title:title,value:name,epoch:epoch,td:"1"})}delete session[attr]}else if(session[attr].toString().match(/"rp":\s*"[\w-]+"/)){subres.push({title:"rp",value:"scope",epoch:"date",td:"0"});array=JSON.parse(session[attr]);for(k=0,len2=array.length;k<len2;k++){oidcConsent=array[k];for(key in oidcConsent){value=oidcConsent[key];if(key==="rp"){title=value}if(key==="scope"){name=value}if(key==="epoch"){epoch=value}}subres.push({title:title,value:name,epoch:epoch,td:"2"})}delete session[attr]}else if(session[attr].toString().match(/\w+/)){subres.push({title:attr,value:session[attr],epoch:""});delete session[attr]}else{delete session[attr]}}else{delete session[attr]}}if(subres.length>0){res.push({title:"__"+category+"__",nodes:subres})}}_insert("^openid","OpenID");_insert("^notification_(.+)","__notificationsDone__");if(session._loginHistory){tmp=[];if(session._loginHistory.successLogin){ref=session._loginHistory.successLogin;for(m=0,len3=ref.length;m<len3;m++){l=ref[m];cv="";for(key in l){value=l[key];if(!key.match(/^(_utime|ipAddr|error)$/)){cv+=", "+key+" : "+value}}tmp.push({t:l._utime,title:$scope.localeDate(l._utime),value:"Success (IP "+l.ipAddr+")"+cv})}}if(session._loginHistory.failedLogin){ref1=session._loginHistory.failedLogin;for(o=0,len4=ref1.length;o<len4;o++){l=ref1[o];cv="";for(key in l){value=l[key];if(!key.match(/^(_utime|ipAddr|error)$/)){cv+=", "+key+" : "+value}}tmp.push({t:l._utime,title:$scope.localeDate(l._utime),value:"Error "+l.error+" (IP "+l.ipAddr+")"+cv})}}delete session._loginHistory;tmp.sort(function(a,b){return b.t-a.t});res.push({title:"__loginHistory__",nodes:tmp})}tmp=[];for(key in session){value=session[key];tmp.push({title:key,value:value})}tmp.sort(function(a,b){if(a.title>b.title){return 1}else if(a.title<b.title){return-1}else{return 0}});real=[];spoof=[];for(p=0,len5=tmp.length;p<len5;p++){element=tmp[p];if(element.title.match(new RegExp("^"+$scope.impPrefix+".+$"))){console.log(element,"-> real attribute");real.push(element)}else{console.log(element,"-> spoofed attribute");spoof.push(element)}}tmp=spoof.concat(real);res.push({title:"__attributesAndMacros__",nodes:tmp});return{_utime:time,id:id,nodes:res}};$scope.currentScope=scope;sessionId=scope.$modelValue.session;$http.get(scriptname+"sessions/"+sessionType+"/"+sessionId).then(function(response){return $scope.currentSession=transformSession(response.data)});return $scope.showT=false};$scope.localeDate=function(s){var d;d=new Date(s*1e3);return d.toLocaleString()};$scope.strToLocaleDate=function(s){var arrayDate,d;arrayDate=s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);if(!arrayDate.length){return s}d=new Date(arrayDate[1]+"-"+arrayDate[2]+"-"+arrayDate[3]+"T"+arrayDate[4]+":"+arrayDate[5]+":"+arrayDate[6]);return d.toLocaleString()};$scope.getLanguage=function(lang){$scope.lang=lang;$scope.form="white";$scope.init();return $scope.showM=false};pathEvent=function(event,next,current){var n;n=next.match(/#!?\/(\w+)/);sessionType="global";if(n===null){$scope.type="_whatToTrace"}else if(n[1].match(/^(persistent)$/)){sessionType=RegExp.$1;$scope.type="_session_uid"}else{$scope.type=n[1]}return $scope.init()};$scope.$on("$locationChangeSuccess",pathEvent);autoId=0;$scope.updateTree=function(value,node,level,over,currentQuery,count){var query,scheme,tmp;$scope.waiting=true;scheme=schemes[$scope.type]?schemes[$scope.type]:$scope.type==="_updateTime"?schemes._startTime:schemes._whatToTrace;query=scheme[level]($scope.type,value,currentQuery);if(count>max&&overScheme[$scope.type]){if(tmp=overScheme[$scope.type]($scope.type,value,level,over,currentQuery)){over++;query=tmp;level=level-1}else{over=0}}else{over=0}return $http.get(scriptname+"sessions/"+sessionType+"?"+query).then(function(response){var data,i,len,n,ref;data=response.data;if(data.result){ref=data.values;for(i=0,len=ref.length;i<len;i++){n=ref[i];autoId++;n.id="node"+autoId;if(level<scheme.length-1){n.nodes=[];n.level=level+1;n.query=query;n.over=over;if($scope.type.match(/^(?:start|update)Time$/)){n.title=n.value.replace(/^(\d{8})(\d{2})(\d{2})$/,"$2:$3").replace(/^(\d{8})(\d{2})(\d)$/,"$2:$30").replace(/^(\d{8})(\d{2})$/,"$2h").replace(/^(\d{4})(\d{2})(\d{2})/,"$1-$2-$3")}}node.push(n)}if(value===""){$scope.total=data.total}}return $scope.waiting=false},function(resp){return $scope.waiting=false})};$scope.init=function(){$scope.waiting=true;$scope.data=[];$q.all([$translator.init($scope.lang),$scope.updateTree("",$scope.data,0,0)]).then(function(){return $scope.waiting=false},function(resp){return $scope.waiting=false});$scope.activeModule="sessions";return $scope.myStyle={color:"#ffb84d"}};c=$location.path().match(/^\/(\w+)/);return $scope.type=c?c[1]:"_whatToTrace"}])}).call(this);
+(function(){var categories,hiddenAttributes,llapp,max,menu,overScheme,schemes;max=25;schemes={_whatToTrace:[function(t,v){return"groupBy=substr("+t+",1)"},function(t,v){return t+"="+v+"*&groupBy="+t},function(t,v){return t+"="+v}],ipAddr:[function(t,v){return"groupBy=net("+t+",16,1)"},function(t,v){if(!v.match(/:/)){v=v+"."}return t+"="+v+"*&groupBy=net("+t+",32,2)"},function(t,v){if(!v.match(/:/)){v=v+"."}return t+"="+v+"*&groupBy=net("+t+",48,3)"},function(t,v){if(!v.match(/:/)){v=v+"."}return t+"="+v+"*&groupBy=net("+t+",128,4)"},function(t,v){return t+"="+v+"&groupBy=_whatToTrace"},function(t,v,q){return q.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+v)}],_startTime:[function(t,v){return"groupBy=substr("+t+",8)"},function(t,v){return t+"="+v+"*&groupBy=substr("+t+",10)"},function(t,v){return t+"="+v+"*&groupBy=substr("+t+",11)"},function(t,v){return t+"="+v+"*&groupBy=substr("+t+",12)"},function(t,v){return t+"="+v+"*&groupBy=_whatToTrace"},function(t,v,q){console.log(t);console.log(v);console.log(q);return q.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+v)}],doubleIp:[function(t,v){return t},function(t,v){return"_whatToTrace="+v+"&groupBy=ipAddr"},function(t,v,q){return q.replace(/\&groupBy.*$/,"")+("&ipAddr="+v)}]};overScheme={_whatToTrace:function(t,v,level,over){if(level===1&&v.length>over){return t+"="+v+"*&groupBy=substr("+t+","+(level+over+1)+")"}else{return null}},ipAddr:function(t,v,level,over){if(level>0&&level<4){return t+"="+v+"*&groupBy=net("+t+","+(16*level+4*(over+1))+",2)"}else{return null}}};hiddenAttributes="_password";categories={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],BrowserID:["_browserIdAnswer","_browserIdAnswerRaw"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token"],sfaTitle:["_2fDevices"],oidcConsents:["_oidcConsents"]};menu={session:[{title:"deleteSession",icon:"trash"}],home:[]};llapp=angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]);llapp.controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function($scope,$translator,$location,$q,$http){var autoId,c,pathEvent,sessionType;$scope.links=links;$scope.menulinks=menulinks;$scope.staticPrefix=staticPrefix;$scope.scriptname=scriptname;$scope.formPrefix=formPrefix;$scope.impPrefix=impPrefix;$scope.sessionTTL=sessionTTL;$scope.availableLanguages=availableLanguages;$scope.waiting=true;$scope.showM=false;$scope.showT=true;$scope.data=[];$scope.currentScope=null;$scope.currentSession=null;$scope.menu=menu;$scope.translateP=$translator.translateP;$scope.translate=$translator.translate;$scope.translateTitle=function(node){return $translator.translateField(node,"title")};sessionType="global";$scope.menuClick=function(button){if(button.popup){window.open(button.popup)}else{if(!button.action){button.action=button.title}switch(typeof button.action){case"function":button.action($scope.currentNode,$scope);break;case"string":$scope[button.action]();break;default:console.log(typeof button.action)}}return $scope.showM=false};$scope.deleteOIDCConsent=function(rp,epoch){var item;item=angular.element(".data-"+epoch);item.remove();$scope.waiting=true;$http["delete"](scriptname+"sessions/OIDCConsent/"+sessionType+"/"+$scope.currentSession.id+"?rp="+rp+"&epoch="+epoch).then(function(response){return $scope.waiting=false},function(resp){return $scope.waiting=false});return $scope.showT=false};$scope.deleteSession=function(){$scope.waiting=true;return $http["delete"](scriptname+"sessions/"+sessionType+"/"+$scope.currentSession.id).then(function(response){$scope.currentSession=null;$scope.currentScope.remove();return $scope.waiting=false},function(resp){$scope.currentSession=null;$scope.currentScope.remove();return $scope.waiting=false})};$scope.stoggle=function(scope){var node;node=scope.$modelValue;if(node.nodes.length===0){$scope.updateTree(node.value,node.nodes,node.level,node.over,node.query,node.count)}return scope.toggle()};$scope.displaySession=function(scope){var sessionId,transformSession;transformSession=function(session){var _insert,array,attr,attrs,category,cv,element,epoch,i,id,j,k,key,l,len,len1,len2,len3,len4,len5,m,name,o,oidcConsent,p,real,ref,ref1,res,sfDevice,spoof,subres,time,title,tmp,value;_insert=function(re,title){var key,reg,tmp,value;tmp=[];reg=new RegExp(re);for(key in session){value=session[key];if(key.match(reg)&&value){tmp.push({title:key,value:value});delete session[key]}}if(tmp.length>0){return res.push({title:title,nodes:tmp})}};time=session._utime;id=session._session_id;for(key in session){value=session[key];if(!value){delete session[key]}else{if(typeof session==="string"&&value.match(/; /)){session[key]=value.split("; ")}if(typeof session[key]!=="object"){if(hiddenAttributes.match(new RegExp("\b"+key+"\b"))){session[key]="********"}else if(key.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)){session[key]=$scope.localeDate(value)}else if(key.match(/^(_startTime|_updateTime)$/)){session[key]=$scope.strToLocaleDate(value)}}}}res=[];for(category in categories){attrs=categories[category];subres=[];for(i=0,len=attrs.length;i<len;i++){attr=attrs[i];if(session[attr]){if(session[attr].toString().match(/"type":\s*"(?:TOTP|U2F|UBK)"/)){subres.push({title:"type",value:"name",epoch:"date",td:"0"});array=JSON.parse(session[attr]);for(j=0,len1=array.length;j<len1;j++){sfDevice=array[j];for(key in sfDevice){value=sfDevice[key];if(key==="type"){title=value}if(key==="name"){name=value}if(key==="epoch"){epoch=value}}subres.push({title:title,value:name,epoch:epoch,td:"1"})}delete session[attr]}else if(session[attr].toString().match(/"rp":\s*"[\w-]+"/)){subres.push({title:"rp",value:"scope",epoch:"date",td:"0"});array=JSON.parse(session[attr]);for(k=0,len2=array.length;k<len2;k++){oidcConsent=array[k];for(key in oidcConsent){value=oidcConsent[key];if(key==="rp"){title=value}if(key==="scope"){name=value}if(key==="epoch"){epoch=value}}subres.push({title:title,value:name,epoch:epoch,td:"2"})}delete session[attr]}else if(session[attr].toString().match(/\w+/)){subres.push({title:attr,value:session[attr],epoch:""});delete session[attr]}else{delete session[attr]}}else{delete session[attr]}}if(subres.length>0){res.push({title:"__"+category+"__",nodes:subres})}}_insert("^openid","OpenID");_insert("^notification_(.+)","__notificationsDone__");if(session._loginHistory){tmp=[];if(session._loginHistory.successLogin){ref=session._loginHistory.successLogin;for(m=0,len3=ref.length;m<len3;m++){l=ref[m];cv="";for(key in l){value=l[key];if(!key.match(/^(_utime|ipAddr|error)$/)){cv+=", "+key+" : "+value}}tmp.push({t:l._utime,title:$scope.localeDate(l._utime),value:"Success (IP "+l.ipAddr+")"+cv})}}if(session._loginHistory.failedLogin){ref1=session._loginHistory.failedLogin;for(o=0,len4=ref1.length;o<len4;o++){l=ref1[o];cv="";for(key in l){value=l[key];if(!key.match(/^(_utime|ipAddr|error)$/)){cv+=", "+key+" : "+value}}tmp.push({t:l._utime,title:$scope.localeDate(l._utime),value:"Error "+l.error+" (IP "+l.ipAddr+")"+cv})}}delete session._loginHistory;tmp.sort(function(a,b){return b.t-a.t});res.push({title:"__loginHistory__",nodes:tmp})}tmp=[];for(key in session){value=session[key];tmp.push({title:key,value:value})}tmp.sort(function(a,b){if(a.title>b.title){return 1}else if(a.title<b.title){return-1}else{return 0}});real=[];spoof=[];for(p=0,len5=tmp.length;p<len5;p++){element=tmp[p];if(element.title.match(new RegExp("^"+$scope.impPrefix+".+$"))){console.log(element,"-> real attribute");real.push(element)}else{console.log(element,"-> spoofed attribute");spoof.push(element)}}tmp=spoof.concat(real);res.push({title:"__attributesAndMacros__",nodes:tmp});return{_utime:time,id:id,nodes:res}};$scope.currentScope=scope;sessionId=scope.$modelValue.session;$http.get(scriptname+"sessions/"+sessionType+"/"+sessionId).then(function(response){return $scope.currentSession=transformSession(response.data)});return $scope.showT=false};$scope.localeDate=function(s){var d;d=new Date(s*1e3);return d.toLocaleString()};$scope.isValid=function(epoch){var now,valid;now=Date.now()/1e3;valid=now-epoch<$scope.sessionTTL;console.log("session epoch",epoch);console.log("current date",now);console.log("sessions TTL",sessionTTL);console.log("Valid ?",valid);return valid};$scope.strToLocaleDate=function(s){var arrayDate,d;arrayDate=s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);if(!arrayDate.length){return s}d=new Date(arrayDate[1]+"-"+arrayDate[2]+"-"+arrayDate[3]+"T"+arrayDate[4]+":"+arrayDate[5]+":"+arrayDate[6]);return d.toLocaleString()};$scope.getLanguage=function(lang){$scope.lang=lang;$scope.form="white";$scope.init();return $scope.showM=false};pathEvent=function(event,next,current){var n;n=next.match(/#!?\/(\w+)/);sessionType="global";if(n===null){$scope.type="_whatToTrace"}else if(n[1].match(/^(persistent)$/)){sessionType=RegExp.$1;$scope.type="_session_uid"}else{$scope.type=n[1]}return $scope.init()};$scope.$on("$locationChangeSuccess",pathEvent);autoId=0;$scope.updateTree=function(value,node,level,over,currentQuery,count){var query,scheme,tmp;$scope.waiting=true;scheme=schemes[$scope.type]?schemes[$scope.type]:$scope.type==="_updateTime"?schemes._startTime:schemes._whatToTrace;query=scheme[level]($scope.type,value,currentQuery);if(count>max&&overScheme[$scope.type]){if(tmp=overScheme[$scope.type]($scope.type,value,level,over,currentQuery)){over++;query=tmp;level=level-1}else{over=0}}else{over=0}return $http.get(scriptname+"sessions/"+sessionType+"?"+query).then(function(response){var data,i,len,n,ref;data=response.data;if(data.result){ref=data.values;for(i=0,len=ref.length;i<len;i++){n=ref[i];autoId++;n.id="node"+autoId;if(level<scheme.length-1){n.nodes=[];n.level=level+1;n.query=query;n.over=over;if($scope.type.match(/^(?:start|update)Time$/)){n.title=n.value.replace(/^(\d{8})(\d{2})(\d{2})$/,"$2:$3").replace(/^(\d{8})(\d{2})(\d)$/,"$2:$30").replace(/^(\d{8})(\d{2})$/,"$2h").replace(/^(\d{4})(\d{2})(\d{2})/,"$1-$2-$3")}}node.push(n)}if(value===""){$scope.total=data.total}}return $scope.waiting=false},function(resp){return $scope.waiting=false})};$scope.init=function(){$scope.waiting=true;$scope.data=[];$q.all([$translator.init($scope.lang),$scope.updateTree("",$scope.data,0,0)]).then(function(){return $scope.waiting=false},function(resp){return $scope.waiting=false});$scope.activeModule="sessions";return $scope.myStyle={color:"#ffb84d"}};c=$location.path().match(/^\/(\w+)/);return $scope.type=c?c[1]:"_whatToTrace"}])}).call(this);
diff --git a/lemonldap-ng-manager/site/templates/sessions.tpl b/lemonldap-ng-manager/site/templates/sessions.tpl
index 613c4eb29..be6ad10de 100644
--- a/lemonldap-ng-manager/site/templates/sessions.tpl
+++ b/lemonldap-ng-manager/site/templates/sessions.tpl
@@ -118,7 +118,12 @@
         <a class="btn btn-node btn-sm" ng-click="displaySession(this)">
           <span class="glyphicon glyphicon-eye-open"></span>
         </a>
-        <span id="s-{{node.session}}" ng-click="displaySession(this)">{{localeDate(node.date)}}</span>
+        <span ng-if="isValid(node.date)">
+          <span id="s-{{node.session}}" ng-click="displaySession(this)">{{localeDate(node.date)}}</span>
+        </span>
+        <span ng-if="!isValid(node.date)">
+          <span id="s-{{node.session}}" ng-click="displaySession(this)" ng-style="{color: '#337Ab7'}">{{localeDate(node.date)}}</span>
+        </span>
       </span>
     </div>
     <ol ui-tree-nodes="" ng-model="node.nodes" ng-class="{hidden: collapsed}">
diff --git a/lemonldap-ng-portal/t/68-Impersonation.t b/lemonldap-ng-portal/t/68-Impersonation.t
index 5614e1e06..dcdddb39b 100644
--- a/lemonldap-ng-portal/t/68-Impersonation.t
+++ b/lemonldap-ng-portal/t/68-Impersonation.t
@@ -20,11 +20,12 @@ my $client = LLNG::Manager::Test->new( {
             checkUser                      => 1,
             impersonationRule              => '$uid ne "msmith"',
             impersonationIdRule            => '$uid ne "msmith"',
+            impersonationPrefix            => 'testPrefix_',
             checkUserDisplayPersistentInfo => 0,
             checkUserDisplayEmptyValues    => 0,
             impersonationMergeSSOgroups    => 0,
             macros                         => {
-                test_impersonation => '"$real__user/$_user"',
+                test_impersonation => '"$testPrefix__user/$_user"',
                 _whatToTrace =>
                   '$_auth eq "SAML" ? "$_user@$_idpConfKey" : $_user',
             },
@@ -263,13 +264,13 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%, 'Found dwho' )
 ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
     'Found _whatToTrace' )
   or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
-ok( $res->[2]->[0] =~ m%<td class="text-left">real_groups</td>%,
-    'Found real_groups' )
-  or explain( $res->[2]->[0], 'real_groups' );
+ok( $res->[2]->[0] =~ m%<td class="text-left">testPrefix_groups</td>%,
+    'Found testPrefix_groups' )
+  or explain( $res->[2]->[0], 'testPrefix_groups' );
 ok( $res->[2]->[0] =~ m%<td class="text-left">su</td>%, 'Found su' )
   or explain( $res->[2]->[0], 'su' );
-ok( $res->[2]->[0] =~ m%<td class="text-left">real_uid</td>%, 'Found real_uid' )
-  or explain( $res->[2]->[0], 'real_groups' );
+ok( $res->[2]->[0] =~ m%<td class="text-left">testPrefix_uid</td>%, 'Found testPrefix_uid' )
+  or explain( $res->[2]->[0], 'testPrefix_groups' );
 ok( $res->[2]->[0] =~ m%<td class="text-left">rtyler</td>%, 'Found rtyler' )
   or explain( $res->[2]->[0], 'su' );
 ok( $res->[2]->[0] =~ m%<td class="align-middle">test_impersonation</td>%,
@@ -280,6 +281,20 @@ ok( $res->[2]->[0] =~ m%<td class="align-middle">rtyler/dwho</td>%,
   or explain( $res->[2]->[0], 'Found rtyler/dwo' );
 count(16);
 
+my @attributes = map /<td class="text-left">(.+)?<\/td>/g, $res->[2]->[0];
+ok( scalar @attributes == 58, 'Found 58 attributes' )
+  or print STDERR "Missing attributes -> " . scalar @attributes;
+ok( $attributes[0] eq '_auth', '_auth' ) or print STDERR Dumper( \@attributes );
+ok( $attributes[1] eq 'Demo',  'Demo' )  or print STDERR Dumper( \@attributes );
+ok( $attributes[26] eq 'uid',  'uid' )   or print STDERR Dumper( \@attributes );
+ok( $attributes[28] eq 'testPrefix__auth', 'testPrefix__auth' )
+  or print STDERR Dumper( \@attributes );
+ok( $attributes[56] eq 'testPrefix_uid', 'testPrefix_uid' )
+  or print STDERR Dumper( \@attributes );
+ok( $attributes[57] eq 'rtyler', 'rtyler' )
+  or print STDERR Dumper( \@attributes );
+count(7);
+
 $client->logout($id);
 clean_sessions();