Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16752

Allow end users to terminate their existing sessions

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 6.5.2, 6.5.2.1, 6.5.2.2, 6.5.2.3, 7.0.0
    • Fix Version/s: None
    • Labels:
      None
    • Environment:
      AM

      Description

      Allow end users to terminate their own existing sessions without knowing the session without relying on elevated credentials, or without retrieving any existing session handle.

      The problem described is similar to OPENAM-13297 but without having to use elevated credentials. This is to allow the user to kill existing session so as to create a new one because a session quota limit has been enforced.

      It is a problem for some customers to design solutions that retrieve elevated credentials as this may trigger security concerns and validation processes.

      The use case that this is trying to address is when a user logs in exceeding the number of session quota, they are presented with a pop up window asking them if terminating existing session is OK so as to be able to carry on with a new session.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              gery.ducatel Gery Ducatel
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: