[jboss-jira] [JBoss JIRA] (ELY-904) Logout support for HTTP-based authentication mechanisms
Pedro Igor (JIRA)
issues at jboss.org
Wed Feb 1 09:09:00 EST 2017
Pedro Igor created ELY-904:
------------------------------
Summary: Logout support for HTTP-based authentication mechanisms
Key: ELY-904
URL: https://issues.jboss.org/browse/ELY-904
Project: WildFly Elytron
Issue Type: Enhancement
Components: HTTP
Affects Versions: 1.1.0.Beta21
Reporter: Pedro Igor
Assignee: Pedro Igor
I think it makes sense to also allow HTTP mechanisms to handle logouts. Logout is tightly related with authentication and mechanisms should be able to act properly during logout requests.
Although only a few set of mechanisms support logout, I think adding a default method {{org.wildfly.security.http.HttpServerAuthenticationMechanism#logout}} will make our API even more complete and capable of supporting more use cases.
The main use case for this enhancement is programmatic logout. In this case, logout can be triggered from inside an application which in turn delegates the logout logic to the mechanism that authenticated an user.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list