[
https://issues.apache.org/jira/browse/ISIS-999?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14287462#comment-14287462
]
ASF subversion and git services commented on ISIS-999:
------------------------------------------------------
Commit 55f997048e08a1bcf944ccd684e8a7637358f6a7 in isis's branch
refs/heads/master from [~mgrigorov]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=55f9970 ]
ISIS-999 Wicket's Session.get() creates a Session even if there is no such
before that
> Provide a log to administrator of which users logged in and logged out
> ----------------------------------------------------------------------
>
> Key: ISIS-999
> URL: https://issues.apache.org/jira/browse/ISIS-999
> Project: Isis
> Issue Type: New Feature
> Components: Core, Viewer: Wicket
> Affects Versions: viewer-wicket-1.7.0, core-1.7.0
> Reporter: Dan Haywood
> Assignee: Martin Grigorov
> Fix For: viewer-wicket-1.8.0, core-1.8.0
>
>
> A log showing the following info (at least) must be available:
> * Account who has been logged.
> * Date/Time the session has been started.
> * Date/Time the session has been ended (by the user or automatically due to
> inactivity, etc.).
> ~~~
> Suggest that this be specified some sort of new optional service defined in
> the applib.
> If present, then on login and logout we can call this new optional service.
> I can imagine there being a requirement to surface this info in the UI, which
> probably means persisting to a database, ie some sort of new audit entity.
> Easiest option is to have the new service could be implemented by isisaddons'
> isis-module-security? Or perhaps a completely new isisaddon service if don't
> want to couple this?
> Not sure how to capture timeouts; is this info available through some sort of
> Wicket callback? Perhaps it should be done through a Quartz scheduler
> service, which can mark sessions as dead if not used for 15 minutes?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
