XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.0.0
    • Component/s: ESP, Session Management
    • Labels:
      None

      Description

      ESP should support session based interaction with ECLWatch whenever security is enabled (LDAP/HTPASSWD/etc). This includes creating a session object when a users credentials are verified, and tracking the session activity. User initiated Login/logout should be support, as well as forced logout by an admin. Session activity needs to be tracked and users need to be warned as timeout nears. Timeout should be forced after the configured period of inactivity. ESP still needs to support legacy mode to support web services. ESP should never retain user passwords in memory.
      Need to implement an admin interface to enumerate attributes of all active sessions, and allow an admin to force a logout.
      Need to implement an interface where ECLWatch can query session attributes, specifically time remaining before timeout.
      Optionally we could support a "Take me to this page when logged in" user preference, which would require saving in Dali or some similar store.

        Attachments

          Activity

            People

            • Assignee:
              wangkx Kevin Wang
              Reporter:
              russwhitehead Russ Whitehead
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: