Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-9252

CLONE - Tracking MgnlUser sessions using HttpSessionListener


    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Neutral Neutral
    • 6.3.0
    • None
    • None
    • None

      Relates to: https://jira.magnolia-cms.com/browse/ADMINCTR-511

      When changing the password from one browser while another active session was in progress on a different browser, the new password was successfully updated, and the old session remained active.


      • This ticket will provide a¬†HttpSessionListener in order to track the sessions from an authenticated MgnlUser
      • Then, later on we can invalidate all sessions in some cases, e.g changing the password

      Documentation notes:

      • As discussed with mgeljic , we agreed that the listener will be setup/enabled by default, but not for existing installs
      • So, we should document it how to register/enable the listener in order to have the feature work https://jira.magnolia-cms.com/browse/ADMINCTR-511 (invalidate/logout all sessions when user changed the password), and the customers need to enable by themself if they want

        Acceptance criteria

              nguyen.phung Nguyen Phung Chi
              had Jan Haderka
              0 Vote for this issue
              1 Start watching this issue

                Work Started: