[ 
https://issues.apache.org/jira/browse/JAMES-4090?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17899712#comment-17899712
 ] 

Benoit Tellier commented on JAMES-4090:
---------------------------------------

Implemented prototype allows disconnection on both IMAP, SMTP websockets.

Remaining work:
 - Support distributed mode for this feature.
 - Could be cool to allow for group desactivations
 - Plugging it onto James data-api operations would be a must!

I might proceed with merging this POC yet complementary work will continue on 
those next steps.

> IMAP / SMTP: Force user deconnection
> ------------------------------------
>
>                 Key: JAMES-4090
>                 URL: https://issues.apache.org/jira/browse/JAMES-4090
>             Project: James Server
>          Issue Type: New Feature
>            Reporter: Benoit Tellier
>            Priority: Major
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> ## Why?
> IMAP / SMTP protocols are connected stateful protocols, where the user 
> establishes a long lived connection used to serve many requests.
> Upon specific events (password change, phone stolen, delegation right 
> removed, etc...) I might want to abort those connections as soon as possible 
> and force a specific user to re-login.
> As off today, there is no mechanism in place in order to do so.
> ## Goal
> Have a webadmin endpoint allowing iterating on locally established 
> connections, and close the one belonging to the aforementioned user. This 
> forces the given user to eventually re-login.
> This means we need to manage channel groups for recording channels for the 
> protocols where we need to support such kind of forced logout.
> ## Non goals
> We target in a first approach only a "local" implementation. If called we 
> only remove concerned connections of the local node and do NOT attempt to 
> close connections across the cluster. This means the endpoint needs to be 
> called ON EACH James server node.
> Supporting disconnects in a distributed technologies would mean implementing 
> a broadcast on top of a distributed queue.
> It is also a non goal (for now!) to automatically trigger this disconnect 
> when :
>  - user changes password
>  - user removes a delegation
> ## complementary work
> JMAP websocket / event source shall also be impacted by this logout.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org

Reply via email to