Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-31980

Nuxeo must invalidate all other sessions

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 10.10, 2021
    • Fix Version/s: 2023.3, 2021.44
    • Component/s: Core
    • Release Notes Summary:
      HTTP session can now be invalidated by calling NuxeoHttpSessionMonitor.java.removeEntry(sessionId, true)
    • Tags:
    • Backlog priority:
      800
    • Sprint:
      nxplatform #95, nxplatform #96
    • Story Points:
      3

      Description

      From our client:

      We have a requirement where if a user logs in from a new session (eg from a different computer), all the other sessions for the same user should be invalidated and they should be logged out.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: