Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-32525

#PT12068_2 - Allowing Duplicate Concurrent User Session

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Security, Security / Rights

      Description

      Authentication and Sessions > Concurrent Logins

      Proof of Concept

      1. Login with a user's account with the browser.
      1. Login with same user's account with different browser or in incognito mode.
      1. Try to navigate or interact with application on both browser's session, application will response for both at the same time.

      Suggested Fix

      As a best practice, consider disallowing multiple concurrent user sessions or logins.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              santony Sooraj Antony
              Participants:
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: