Details
-
Type:
Feature Request
-
Status: Open (View Workflow)
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Labels:None
Description
A feature in which many of our users have expressed interest in the past, session management would provide an application-scoped registry of all active user sessions. We should provide features for terminating selected user sessions, setting a policy for multiple user sessions (one/multiple session per user) and provide some kind of formal support for session logging (last login time, ip address, etc). Up till now we've told our users to implement all this stuff manually, but I think it would be cool if we provided support for it out of the box.
Gliffy Diagrams
Activity
- All
- Comments
- Work Log
- History
- Activity
- Links Hierarchy
Just to be clear, we won't be providing direct access to the session object itself. We'll probably end up using a filter or likewise to invalidate a session that's been marked as invalid.
Shane Bryzak
added a comment - Just to be clear, we won't be providing direct access to the session object itself. We'll probably end up using a filter or likewise to invalidate a session that's been marked as invalid. Try the classes on the org.jboss.seam.security.session package.
George Gastaldi
added a comment - Try the classes on the org.jboss.seam.security.session package. 
Oh, and we should use Infinispan to cache active sessions, as per SEAMSECURITY-11.