[MGNLUI-421] No visible user name, no way to log out Created: 21/Aug/12 Updated: 19/Jun/13 Resolved: 19/Jun/13 |
|
| Status: | Closed |
| Project: | Magnolia UI |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 5.0 |
| Type: | Bug | Priority: | Major |
| Reporter: | Andreas Weder | Assignee: | Espen Jervidalo |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Template: |
|
||||
| Acceptance criteria: |
Empty
|
||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||
| Date of First Response: | |||||
| Description |
Note that that there are no visuals and no style guide definitions defining this pop-up currently, but a similar item is being worked on. For now, implement a pop-up working and looking similar to the one available in the prototype. |
| Comments |
| Comment by Andreas Weder [ 11/Sep/12 ] |
|
Still missing, but I'm moving this to the 5.0 backlog. |
| Comment by Tobias Mattsson [ 29/Nov/12 ] |
|
Should logging out mean that you log out in all your tabs? Cause we have different AdminCentral instances for the same user in multiple tabs using the same login/http-session. |
| Comment by Andreas Weder [ 03/Dec/12 ] |
|
I assume you're asking whether we should explicitly or actively log out a user in every open browser tab, which is using the same http session as the one she's just logged out from. I could live without this. I think the minimum behavior should be that I get the log-in screen as soon as it is detected that my session has expired. As an example, let's assume I've logged out, but in a different browser tab, which still shows the page tree of Pages, I execute the "New folder" action. I'd expect that it is then detected that my session is no longer valid and I'm being shown the login screen and am asked to log-in again. If I've done that successfully, Pages opens again (same location in the address bar) and I then would have to re-launch my action. As I said, I think this is the minimum behavior which we should support. Whether we should actively log a user out in every open browser tab or window seems could be a security sensitive question. Is it critical, if a tab of a no longer valid session still exposes/shows some data? If this is a security risk, then we should implement an active logout on top of the minimum behavior. I could ask for feedback from users e.g. on the users list or launch a poll to answer this question. |