[
https://issues.apache.org/jira/browse/KNOX-2778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated KNOX-2778:
--------------------------------
Description:
Once, KNOX-2777 is ready, the next step is to wire that verifier implementation
into the KnoxSSO flow such as it throws an authorization error (FORBIDDEN; 403)
when a user tries to log in to UIs (both Knox's own UIs or UIs proxied by Knox)
but that user exceeds the configured concurrent session limit.
Basic logout handling should be covered too:
* manually clicking on the logout button
* subscribing to a session timeout event (you may want to talk to [~smore]
about this)
was:Once, KNOX-2777 is ready, the next step is to wire that verifier
implementation into the KnoxSSO flow such as it throws an authorization error
(FORBIDDEN; 403) when a user tries to log in to UIs (both Knox's own UIs or UIs
proxied by Knox) but that user exceeds the configured concurrent session limit.
> Enforce concurrent session limit in KnoxSSO
> -------------------------------------------
>
> Key: KNOX-2778
> URL: https://issues.apache.org/jira/browse/KNOX-2778
> Project: Apache Knox
> Issue Type: Sub-task
> Components: Server
> Affects Versions: 2.0.0
> Reporter: Sandor Molnar
> Assignee: Balazs Marton
> Priority: Major
> Fix For: 2.0.0
>
>
> Once, KNOX-2777 is ready, the next step is to wire that verifier
> implementation into the KnoxSSO flow such as it throws an authorization error
> (FORBIDDEN; 403) when a user tries to log in to UIs (both Knox's own UIs or
> UIs proxied by Knox) but that user exceeds the configured concurrent session
> limit.
> Basic logout handling should be covered too:
> * manually clicking on the logout button
> * subscribing to a session timeout event (you may want to talk to [~smore]
> about this)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
