Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-1976

Implement server-side managed logout for distributed session

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • L3 - Default
    • 2.4.0
    • None
    • backend
    • None

    Description

      In the course of OPT-1925 server-side stateless sessions were implemented with the disadvantage that a token only expires based on it's issuedAt data and the current configured lifetime.

      In order to foster security we decided to reimplement a hard logout managed from the server side by storing information available to all nodes in a cluster scenario.

      AT:

      • a token belongs to a distributed session that can be invalidated with a logout, invalidating all tokens generated for that session at once

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            mentioned in

            Page Loading...

            Activity

              People

                Unassigned Unassigned
                sebastian.bathke Sebastian Bathke
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce