5d6eefa498
The Multiple Simultaneous Logins Control is a feature designed for securing Horizon dashboard sessions. The default Horizon configuration allows the same user to login several times (e.g. different browsers) simultaneously, that is, the same user can have more than one active session for Horizon dashboard. When there is the need to control the active sessions that one user can have simultaneously, it will be possible to configure the Horizon dashboard to disallow more than one active session per user. When multiple simultaneously sessions are disabled, the most recent authenticated session will be considered the valid one and the previous session will be invalidated. The following manual tests encompass both simulteaneous session control configuration: 'allow' and 'disconnect' and were verified with this code change before submitting it: Test Plan: PASS: Verify that a user is able to login to Horizon dashboard (when configuration is 'disconnect') PASS: Verify that a user is able to start a second Horizon dashboard session and the first session is finished (when configuration is 'disconnect') Failure Path: PASS: Verify that when a user fails to authenticate a second Horizon dashboard session the first session stills active (when configuration is 'disconnect') Regression: PASS: Verify that a user is able to login to Horizon dashboard (when configuration is default: 'allow') PASS: Verify that a user is able to start multiple simultaneous Horizon dashboard sessions (when configuration is default: 'allow') Implements: blueprint handle-multiple-login-sessions-from-same-user-in-horizon Signed-off-by: Hugo Brito <hugo.brito@windriver.com> Co-authored-by: Thales Elero Cervi <thaleselero.cervi@windriver.com> Change-Id: I8462aa98398dd8f27fe24d911c9bfaa7f303eb93 |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| base.py | ||
| operation_log.py | ||
| simultaneous_sessions.py | ||