Hi Christopher - Great to hear that you are interested in working on this!
I am reviewing the proposal again and will comment more once I have a handle on it again. My first thought however is that it should not be limited to Shiro. There is a pretty general need for logout that can probably be leveraged across authentication/federation providers. I'm thinking that we need a new Knox REST API for logout. It would be a jersey based service - similar to the knoxsso module. It would also be configurable to take a list of header names to remove upon invocation. We would need to determine the authentication/federation provider requirements in order to actually call logout - if any. If they are different than that of the topology that hosts the Knox UI service configuration than it may need to be in its own topology - again like knoxsso. We will need to drill into that a bit. What are your thoughts? thanks, --larry On Mon, Nov 23, 2015 at 9:52 AM, Christopher Jackson < [email protected]> wrote: > Hi Guys, > > I’d like to work on KNOX-571, can someone assign it to me? My approach > will be as the reporter suggested: creating an additional provider with the > necessary filter to expire the session. I will only create a provider for > the default (shiro auth) for now. > > Regards, > Christopher Jackson
