Question

Single session logout URL

1

Hi, I have the following customer requirement: Only one session is allowed If the user signs into the app a second time, a custom logic in the old session needs to be triggered before the session ends and the user needs to be forwarded to a custom URL The Authentication is done via SSO by using the SAML module. Does anyone have a solution for that? Tank you

asked 2020-08-25

Tobias Keil

1 answers

Rom van Arendonk · Answer 1 · 2020-08-25

That's quite a tricky requirement and I would advise against creating it. However, you could try something like this:

Create a custom login action,
Check if the credentials are correct,
If the credentials are correct, then:
- Check if another session for this user exists (retrieve System.Session based on the User.Name)
- Execute your custom logic microflow as that user (CommunityCommons.ExecuteMicroflowAsUser)
- Kill the user's session
Create a new session for the user

There are many potential failure modes here:

What if the custom logic fails, can you create a new session?
What is the user is currently executing a long running microflow, how will that be handled?
What if the user is currently entering data (the server doesn't know that, since the Mendix runtime is stateless)?
What if the custom logic is taking very long?

I'm sure you can think of many more issues.