Actions
Feature #21058
closedKeep track of valid user sessions
Status:
Closed
Priority:
Normal
Assignee:
Category:
Accounts / authentication
Target version:
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Fixed
Description
When a user clicks on the logout button in the application, the users session ID is only deleted in the browser. However, the session actually stays open as the session is not terminated at serverside.
Redmine should keep track of valid sessions and terminate the session when the user logs out.
Actions