cviecco
commented
4 years ago Can you please elaborate a little on the workflow proposed? Are you wanting for a way for admins to invalidate current sessions? or for users to self-logout?
Open ssuresh1750 opened 4 years ago
cviecco
commented
4 years ago Can you please elaborate a little on the workflow proposed? Are you wanting for a way for admins to invalidate current sessions? or for users to self-logout?
Issue
There is no logout option in cloud-gate.
Steps to reproduce
Login to Cloud-gate (web). We will notice that there is no option to logout.
Impact
No means for a user to logout of the application. In this case, the session lasts as long as the short lived credentials that are issued to the user upon login to the UI. In a case where insider threat/malicious activity is discovered, logout functionality would be required to log those users out of the application.
Remediation
Adding logout functionality.