On 9/2/2015 9:20 AM, Stian Thorgersen wrote:
> I was thinking about this a little more and I thought about the
ability
> to add required actions to the ClientSession. Those required actions
> would only have to be executed within that client session login and
> could be aborted. Then user forgot password and admin reset would only
> set required actions for the clientsession and the actions become temporary.
How would that work for admin reset? Do we create a user/client session for those? I
guess we do
We did before and we still do create a client/user session for admin reset.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com