Spring SAML – Need two SAML Session and use second session for the approval workflow and not conflict with existing logged in user

huangapple go评论74阅读模式
英文:

Spring SAML - Need two SAML Session and use second session for the approval workflow and not conflict with existing logged in user

问题

我们正在使用Apache Tomcat/SAML安全扩展和Okta作为IdP来实现SAML 2.0。用户A使用应用程序登录,并在Spring安全上下文中将登录标识设置为“User A”。当某些屏幕需要管理员批准时,管理员用户使用其SAML用户ID/密码登录,然后现有会话被覆盖。

需求:

  1. 如有可能,第二个SAML用户“User B”登录而不影响首次登录的SAML用户“User A”。
  2. 如果选项1不可行,我能在用户A会话和用户B会话之间切换吗?即在完成用户B的工作后,我能切换回用户A的SAML会话吗?
英文:

We're implementing SAML2.0 using Apache Tomcat/SAML Security Extension and Okta as IdP. User A logins with the application and spring security context setting the login id as "User A" and when the admin approval needed on few screen, an admin user login with his saml user id/password then the existing session get overwritten.

Needed :

  1. If possible the second saml user 'User B' logging in without impacting first logged in saml user "User A"
  2. If option 1 is not possible, can i switch between User A Session and User B? i.e After User B work done, can i switch back to User A saml session ?

答案1

得分: 0

似乎Spring 2已经弃用了这个功能

是否有其他方法来处理单个浏览器上的两个用户,即使是一个接一个地登录,也不需要用户重新登录?

英文:

Its look like Spring 2 has retired this feature Spring SAML – Need two SAML Session and use second session for the approval workflow and not conflict with existing logged in user

Any other work around for handling two users on the single browser even one after other without asking for re-login from the user?

huangapple
  • 本文由 发表于 2020年9月24日 01:29:51
  • 转载请务必保留本文链接:https://go.coder-hub.com/64033311.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定