I noticed CAS documentation for SSO sessions identify actuator endpoints that seem like they would be useful to us.
< https://apereo.github.io/cas/7.0.x/authentication/Configuring-SSO.html#actuator-endpoints > In particular, something like "/cas/actuator/ssoSessions/users/{username}" looks promising for helping to deal with compromised accounts where we'd like to kill off any existing SSO sessions for a compromised user. But it's not clear to me how you actually use this in practice to accomplish this? In addition to how you would use the Get and Delete "flavors" of this, we'd need to strictly limit access to this capability – what are the access control options for these endpoints and how do you configure them? I couldn't find the relevant info on that page or via searches in the docs. -- Baron Fujimoto <ba...@hawaii.edu> ::: UH Information Technology Services minutas cantorum, minutas balorum, minutas carboratum descendus pantorum -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAAjLUL3Z88nV-MGtZs63%3D0veVnKysUAiqTGQ5NezQEw_H%2BKA7A%40mail.gmail.com.
