Ticket #580 (defect)
Opened 2 years ago
Check current user is same as authenicated user
Status: new
| Reported by: | douglm | Assigned to: | douglm |
|---|---|---|---|
| Priority: | major | Milestone: | Bedework 3.7 |
| Component: | web clients | Version: | |
| Keywords: | Cc: | ||
With some shib implementations the proxy can switch the authenticated user in the same servlet session.
Check for that and invalidate the session if that's the case
