Description
In the course of OPT-1925 server-side stateless sessions were implemented with the disadvantage that a token only expires based on it's issuedAt data and the current configured lifetime.
In order to foster security we decided to reimplement a hard logout managed from the server side by storing information available to all nodes in a cluster scenario.
AT:
- a token belongs to a distributed session that can be invalidated with a logout, invalidating all tokens generated for that session at once
mgm-controller-panel
This is the controller panel for Smart Panels app
Attachments
Issue Links
- mentioned in
-
Page Loading...