Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16093

RFE: accountLockout should also invalidate or remove current session

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 6.5.2
    • Fix Version/s: None
    • Component/s: CTS, session
    • Labels:
      None
    • Support Ticket IDs:

      Description

      Account Lockout functionality only affects Authentication. Current active sessions are still able to be used. This is a Request for Enhancement to the Account Lockout feature for AM to remove or invalidate the active sessions for a user who gets locked out.

       For example given a username:

      1 - Search and delete all active tokens in CTS
      2 - Set inetUserStatus (or equivalent) to Inactive 
      3 - Audit the above somewhere

      Either the API (better) or direct LDAP calls could be used for this.

       

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                david.bate David Bate
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: