In IS 5.3.0, I have configured the authentication flow for an application to have 3 steps. During the authentication flow, the users may remember the result of the first two steps (using cookies) in their initial login. So, in subsequent logins they'll see the third step straight away in which they always need to get authenticated.
Let's say 'Alice' logs in and remember the result for the first two steps and finish her work. After some time 'Bob' also use the same browser and try to login. He won't see the first two steps because there is an already remembered result from Alice's login. But in the third step he can't authenticate because he doesn't know Alice's credentials (and he intend to login as 'Bob'). So he needs to start over the flow as 'Bob'. When he does so, at IS, we should clear the remembered results for 'Alice' and allow the the user to try with a different username (This time he should get authenticated from all 3 steps). How can we achieve this requirement? Is there a known approach? -- *Pulasthi Mahawithana* Senior Software Engineer WSO2 Inc., http://wso2.com/ Mobile: +94-71-5179022 Blog: https://medium.com/@pulasthi7/ <https://wso2.com/signature>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev