[
https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15066385#comment-15066385
]
Larry McCay commented on KNOX-641:
----------------------------------
If my understanding is correct then for testBasicAuth there is no separate
identity provider cookies because it is only a feature of the pac4j provider.
Therefore, removing the pac4j session would only invalidate the testBasicAuth
session - real SAML sessions would still be active, a new pac4j session would
be created on the next request resulting in a new Knox session cookie. Without
forcing a new authentication for the enduser. That is, unless someone snuck in
a testBasicAuth somehow as well.
If that is accurate then I am +1 on the approach.
> Support CAS / OAuth / OpenID C / SAML protocols using pac4j
> -----------------------------------------------------------
>
> Key: KNOX-641
> URL: https://issues.apache.org/jira/browse/KNOX-641
> Project: Apache Knox
> Issue Type: New Feature
> Reporter: Jérôme Leleu
> Assignee: Jérôme Leleu
> Fix For: 0.7.0
>
> Attachments: KNOX-641.patch
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
