I don't think there is much Undertow can do here, because this is clustered it is
basically out of Undertow's control.
For a non clustered version you can just maintain your own map using session listeners,
however like you say for the clustered version if you want to maintain this sort of map
you will need to create an Infinispan cache to handle the mapping.
When you mentioned an Undertow SPI what exactly did you have in mind? Some way to query
the session manager based on session attributes?
Stuart
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: undertow-dev(a)lists.jboss.org
Sent: Tuesday, 15 September, 2015 1:44:22 AM
Subject: Re: [undertow-dev] backchannel logout in cluster
I should add that SAML provides a "session index" to the web client when
LOGIN is finished. This index is sent with the logout request along
with the principal name.
The only way I could think of to implement it now is to iterate on all
sessions and compare SAML session info with attributes in each session.
Slow, but it would work. Would be nice to have an Undertow SPI.
Otherwise, I'm going to have to create a Infinispan cache specifically
just to map
On 9/14/2015 11:27 AM, Bill Burke wrote:
> I'm running into a problem implementing SAML backchannel logout. Web
> server could receive an on-of-band, non-browser HTTP request to logout
> out a specific user and/or session. I would need a way to lookup a
> session by Principal and a way to associate and lookup an external key.
> SAML doesn't really have any way to push client specific session
> information.
>
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
undertow-dev mailing list
undertow-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/undertow-dev