[GeoNode-users] Geonode Logout and OAuth Access Tokens
francesco bartoli
xbartolone at gmail.com
Tue Jun 26 04:46:52 PDT 2018
Can you upgrade to latest 2.8? This version should not be affected by that
issue
Il giorno mar 26 giu 2018 alle ore 13:37 John, Steffen <s.john at atenekom.eu>
ha scritto:
> Hi,
>
> I'm having GeoNode 2.6 which uses the oAuth Toolkit to authorize the user
> against Geoserver.
> When a user logs in into GeoNode a new Access Token is created and the
> user is also allowed to request Geoserver-Resources.
>
> After logging out the user, I would expect that the access token is
> revoked automatically, but this seems not to be the case.
>
> After logging out the user, I'm still able request the WMS using the old
> (but still valid) access key. This seems not really safe.
>
> Is it possible to configure GeoNode/Geoserver, that the access token is
> revoked on logout?
>
> Thanks!
>
>
> _______________________________________________
> geonode-users mailing list
> geonode-users at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20180626/18e90270/attachment.html>
More information about the geonode-users
mailing list