Comment 18 for bug 1434034

Adam Young (ayoung) wrote : Re: Even if the user is disabled, can use the last token is validated

Need to handle groups, too. Basically, we need to recreate the whole token from the identity assertion on forward. Otherwise we will have the same issue when a user is removed from a group: the token will have a role on it that is no longer valid.

This is never going to work for Federation, as we will not be able to check at token validation time.
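
The point made in the comment above, as an added example that is not part of the original comment and is not Keystone's code: a validator that rebuilds authorization from current user state and group membership instead of trusting the roles recorded at issue time. The in-memory backend, the `Token` class, and the function and reason names are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed in-memory identity backend (assumption; not Keystone's data model).
USERS = {"alice": {"enabled": True}, "bob": {"enabled": False}}
GROUP_MEMBERS = {"ops": {"alice"}}
USER_ROLES = {("alice", "proj1"): {"member"}}
GROUP_ROLES = {("ops", "proj1"): {"admin"}}


@dataclass(frozen=True)
class Token:
    user_id: str
    project_id: str
    roles: frozenset          # roles recorded when the token was issued
    federated: bool = False   # identity came from an external assertion


def current_roles(user_id, project_id):
    """Recompute effective roles from current direct and group assignments."""
    roles = set(USER_ROLES.get((user_id, project_id), set()))
    for group, members in GROUP_MEMBERS.items():
        if user_id in members:
            roles |= GROUP_ROLES.get((group, project_id), set())
    return roles


def validate(token):
    """Return (valid, roles, reason), rebuilding authorization at validation time."""
    if token.federated:
        # No local user or group membership exists to consult in this model,
        # so the issue-time roles cannot be re-checked and are passed through.
        return True, set(token.roles), "unverified-federated"
    user = USERS.get(token.user_id)
    if user is None or not user["enabled"]:
        return False, set(), "user-disabled-or-missing"
    roles = current_roles(token.user_id, token.project_id)
    if not roles:
        return False, set(), "no-current-roles"
    # Roles stored in the token are ignored; only current assignments count.
    return True, roles, "rebuilt"
```

The `unverified-federated` result marks the gap the comment describes: in this model nothing local can confirm that a federated user still holds the roles on the token.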