On Wed, Mar 1, 2017 at 9:04 PM, Thanuja Jayasinghe <than...@wso2.com> wrote:
> Hi Pulasthi, > > The best approach is to ask Alice to log-out when she leaves the browser. > Bad Alice, never does that... Thanks & regards, -Prabath > > Or from the application side, we can give an option like "fresh-login" > which sends a "forceAuth=true" request to the IS. So he will go through the > authentication process again. > > Thanks, > Thanuja > > > On Thu, Mar 2, 2017 at 3:14 AM, Pulasthi Mahawithana <pulast...@wso2.com> > wrote: > >> In IS 5.3.0, I have configured the authentication flow for an application >> to have 3 steps. During the authentication flow, the users may remember the >> result of the first two steps (using cookies) in their initial login. So, >> in subsequent logins they'll see the third step straight away in which they >> always need to get authenticated. >> >> Let's say 'Alice' logs in and remember the result for the first two steps >> and finish her work. After some time 'Bob' also use the same browser and >> try to login. He won't see the first two steps because there is an already >> remembered result from Alice's login. But in the third step he can't >> authenticate because he doesn't know Alice's credentials (and he intend to >> login as 'Bob'). So he needs to start over the flow as 'Bob'. When he does >> so, at IS, we should clear the remembered results for 'Alice' and allow the >> the user to try with a different username (This time he should get >> authenticated from all 3 steps). How can we achieve this requirement? Is >> there a known approach? >> >> >> -- >> *Pulasthi Mahawithana* >> Senior Software Engineer >> WSO2 Inc., http://wso2.com/ >> Mobile: +94-71-5179022 <+94%2071%20517%209022> >> Blog: https://medium.com/@pulasthi7/ >> >> <https://wso2.com/signature> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > *Thanuja Lakmal* > Senior Software Engineer > WSO2 Inc. http://wso2.com/ > *lean.enterprise.middleware* > Mobile: +94715979891 +94758009992 > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://facilelogin.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
