Juan Manuel CABRERA created FEDIZ-20:
----------------------------------------
Summary: IDP should maintain authentication state
Key: FEDIZ-20
URL: https://issues.apache.org/jira/browse/FEDIZ-20
Project: CXF-Fediz
Issue Type: New Feature
Components: IDP
Affects Versions: 1.0.0
Reporter: Juan Manuel CABRERA
The IDP relies on the browser to cache the end user's credentials (classical
way to work for a HTTP Basic authentication).
So in the IDP there is no way to kill a end user session without killing the
browser.
The IDP should maintain these credentials (or better : the proof that these
credentials were checked at some point - i.e. a token).
If for instance this token is stored in the HTTP session, the IDP will then be
capable of removing it from the session, effectively killing the authentication
and forcing the end user to enter again his credentials.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
