Spring Security
  1. Spring Security
  2. SEC-1619

GAE Sample should check whether GAE user is the same as the logged in user

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Complete
    • Affects Version/s: 3.1.0.M1
    • Fix Version/s: 3.1.0.M2
    • Component/s: Samples
    • Labels:
      None

      Description

      It's possible that a user may log out of Google Apps without logging out of the sample app. The app should detect a change of user, invalidate the existing session and authenticate the current user if this situation is detected.

        Activity

        Hide
        Luke Taylor added a comment -

        The GaeAuthenticationFilter now checks to see if the currently authenticated user matches the Google Apps user. If not, then it logs out the current user and destroys the session before continuing.

        Show
        Luke Taylor added a comment - The GaeAuthenticationFilter now checks to see if the currently authenticated user matches the Google Apps user. If not, then it logs out the current user and destroys the session before continuing.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Luke Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: