Add concurrent session limit logout message #152949
Conversation
thomheymann
added
Team:Security
💚 Build Succeeded
Metrics [docs]Async chunks
Page load bundle
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
To update your PR or re-run it, just comment with: |
|
Pinging @elastic/kibana-security (Team:Security) |
thomheymann
added
the
release_note:skip
| CONCURRENCY_LIMIT: { | ||
| type: LoginFormMessageType.Info, | ||
| content: i18n.translate('xpack.security.login.concurrencyLimitDescription', { | ||
| defaultMessage: 'You have logged in on another device. Please log in again.', |
There was a problem hiding this comment.
Nit/question: As the number of concurrent sessions is configurable, should we be more explicit? e.g. "The number of allowable concurrent logins has been exceeded." or "You have logged in on another device, exceeding the concurrent session limit of N."
Not sure this is necessary, but thought I'd mention.
There was a problem hiding this comment.
I phrased this intentionally simple as I don't think the technical details / specific settings are important here for the user. As an administrator it might be of value but my thinking was that they can refer to the debug logs which contains more information about the exact logout reason if required.
There was a problem hiding this comment.
That seems reasonable to me. 👍
Resolves #149532 ## Summary Explain logout reason when current session limit has been reached. ## Screenshot <img width="498" alt="Screenshot 2023-03-08 at 18 03 43" src="https://user-images.githubusercontent.com/190132/223793779-b3c0893e-3974-4a07-a81b-a5b0de5086a5.png"> ## Testing 1. Configure concurrent session limit: ```yaml xpack.security.session.concurrentSessions: maxSessions: 1 ``` 2. Log into Kibana 3. Open a private browsing window and login again with the same user 4. Go back to the first window and navigate to a different page 5. This will log the user out showing the concurrent session limit message
Resolves elastic#149532 ## Summary Explain logout reason when current session limit has been reached. ## Screenshot <img width="498" alt="Screenshot 2023-03-08 at 18 03 43" src="https://user-images.githubusercontent.com/190132/223793779-b3c0893e-3974-4a07-a81b-a5b0de5086a5.png"> ## Testing 1. Configure concurrent session limit: ```yaml xpack.security.session.concurrentSessions: maxSessions: 1 ``` 2. Log into Kibana 3. Open a private browsing window and login again with the same user 4. Go back to the first window and navigate to a different page 5. This will log the user out showing the concurrent session limit message
Resolves #149532
Summary
Explain logout reason when current session limit has been reached.
Screenshot
Testing