Hi Dimuth, If the admins do not specify this configuration what are the default values that would be taken upon?
Thanks, On Tue, Mar 27, 2018 at 10:30 AM, Dimuth Menikgama <[email protected]> wrote: > Hi all, > > I started working on this new project for *limiting the concurrent active > session count for users in WSO2 Identity Server*. This project aims to > add a configuration so that *tenant admin, user store admin *or *identity > admin* can enforce the maximum sessions for each user belong to a > particular *tenant, user store *or* user role*. If a user tries to exceed > the maximum session limit, the user will be notified with active session > count and will be asked to log out from existing active session manually in > order to create a new session. > > I was able to come up with user stories[1] for this feature and an initial > user story review for this was held on 21st March with Dimuthu, Pulasthim, > Menaka, and Myself. > > Conditional Authentication capabilities of Identity server will be used > for the implementing this feature. I hope to create a function to identify > the number of active sessions for a particular user. > > Following problems were selected to discuss further, > > > - > > A mechanism for identifying maximum session count is needed when more > than one session limiting policy is applied. As an example let user Bob > belongs to tenant T and user store S. If maximum session count for users in > T is M and maximum session count for users in S is N, we need a mechanism > to identify the maximum allowed session count (Need to decide whether to > use M or N). For that, following things were suggested > - > > Defining a precedence list. > - > > Taking the minimum limit of all policies as the maximum allowed > session count. (Minimum of M and N ) > > > > - > > What is the best way to handle new session request when maximum > allowed session limit is 1? > - > > If there is a session, close that session and create a new session. > - > > Notify the user about the existing session and ask to end that > manually if he want to create a new session. > > > Any comments or suggestions are highly appreciated. > > [1] https://docs.google.com/document/d/1MwTSI79G7TvgMwIhWpW3tAZ8JRR9V > TzqwfvjlOOAke0/edit?usp=sharing > <https://docs.google.com/document/d/1MwTSI79G7TvgMwIhWpW3tAZ8JRR9VTzqwfvjlOOAke0/edit?usp=sharing&authuser=0> > > Regards, > > Dimuth Menikgama. > > > -- > > *Dimuth Menikgama* > > *Software Engineer* > *WSO2* > > > *Mobile : + 94 702337977 > <%2B%2094%2011%202145345%20%C2%A0Ext.%205737>* > > * <%2B%2094%2011%202145300>* > -- Denuwanthi De Silva Senior Software Engineer; WSO2 Inc.; http://wso2.com, Email: [email protected] Blog: https://denuwanthi.wordpress.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
