Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-2776 Concurrent Session Limit for UIs
  3. KNOX-2778

Enforce concurrent session limit in KnoxSSO

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.0.0
    • 2.0.0
    • Server
    • None

    Description

      Once, KNOX-2777 is ready, the next step is to wire that verifier implementation into the KnoxSSO flow such as it throws an authorization error (FORBIDDEN; 403) when a user tries to log in to UIs (both Knox's own UIs or UIs proxied by Knox) but that user exceeds the configured concurrent session limit.

      Basic logout handling should be covered too:

      • manually clicking on the logout button
      • subscribing to a session timeout event (you may want to talk to smore about this)

      Attachments

        Issue Links

          depends upon

          Sub-task - The sub-task of the issue KNOX-2777 Implement concurrent session verifier

          • Major - Major loss of function.
          • Resolved
          is depended upon by

          Sub-task - The sub-task of the issue KNOX-2788 Implement deleting expired tokens and make Verifier disableable

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #615

          Activity

            People

              mrtnbalazs Marton Balázs
              smolnar Sandor Molnar
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 5h 20m
                  5h 20m