[Hawkular-dev] hawkular-accounts integration with websocket stuff in kettle
Heiko W.Rupp
hrupp at redhat.com
Thu Aug 6 06:38:04 EDT 2015
> That provides only a small part of the whole authentication scheme,
> though: given that a WebSocket can potentially live for a very long time
> (hours, or even days), it's likely that a session might expire during
> the lifetime of the socket connection. So, this connection has to be
> "somehow" refreshed or killed.
What do you mean by session expiring (which session)?
If the WS-client goes away, the server will see an event for it.
What may possibly more a cause for concern is that a Hawkular user may
have a WS-connection open and the user is removed from the user
database. In this case we may want to invalidate all tokens/grants and
also forcefully disconnect the WS.
More information about the hawkular-dev
mailing list