You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We a sessions expires and we authenticate the user again, we are authenticating the user for the current system and for all the other systems the user was authenticated in previously (see e.g. here)
The problem with this is that different systems may have different requirements for authentication. For example, some systems check the groups the user is in. If the user is removed from a group and gets reauthenticated in another system, they will also be authenticated in a system they should not longer have access to.
Is this behaviour something we want to keep?
The text was updated successfully, but these errors were encountered:
We a sessions expires and we authenticate the user again, we are authenticating the user for the current system and for all the other systems the user was authenticated in previously (see e.g. here)
The problem with this is that different systems may have different requirements for authentication. For example, some systems check the groups the user is in. If the user is removed from a group and gets reauthenticated in another system, they will also be authenticated in a system they should not longer have access to.
Is this behaviour something we want to keep?
The text was updated successfully, but these errors were encountered: