<div dir="ltr">Can you upgrade to latest 2.8? This version should not be affected by that issue</div><br><div class="gmail_quote"><div dir="ltr">Il giorno mar 26 giu 2018 alle ore 13:37 John, Steffen <<a href="mailto:s.john@atenekom.eu">s.john@atenekom.eu</a>> ha scritto:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div>Hi,</div>
<div><br>
</div>
<div>I'm having GeoNode 2.6 which uses the oAuth Toolkit to authorize the user against Geoserver.</div>
<div>When a user logs in into GeoNode a new Access Token is created and the user is also allowed to request Geoserver-Resources.</div>
<div><br>
</div>
<div>After logging out the user, I would expect that the access token is revoked automatically, but this seems not to be the case.</div>
<div><br>
</div>
<div>After logging out the user, I'm still able request the WMS using the old (but still valid) access key. This seems not really safe.</div>
<div><br>
</div>
<div>Is it possible to configure GeoNode/Geoserver, that the access token is revoked on logout?</div>
<div><br>
</div>
<div>Thanks!</div>
<div><br>
</div>
<div><br>
</div>
</div>
_______________________________________________<br>
geonode-users mailing list<br>
<a href="mailto:geonode-users@lists.osgeo.org" target="_blank">geonode-users@lists.osgeo.org</a><br>
<a href="https://lists.osgeo.org/mailman/listinfo/geonode-users" rel="noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/geonode-users</a><br>
</blockquote></div>