6.0.0-git
2018-12-16

[#14451] Remote logout on all devices
Summary Remote logout on all devices
Queue IMP
Queue Version Git master
Type Enhancement
State Feedback
Priority 1. Low
Owners
Requester jo (at) jolanders (dot) com
Created 2016-08-23 (845 days ago)
Due
Updated 2016-08-31 (837 days ago)
Assigned
Resolved
Milestone
Patch No

History
2016-08-31 13:39:05 Jan Schneider Comment #2
State ⇒ Feedback
Priority ⇒ 1. Low
Reply to this comment
This could be done in at least two possible ways:
1) Using the session handling in PHP. We would need to find and delete 
all of the user's sessions, which may or may not work, depending on 
the session handler backend.
2) Setting some flag that's checked on each request and that logs the 
user out when set. This would add additional overhead to each request 
and the question is, where to store this flag. Prefs are ruled out 
because they are cached in the session.
2016-08-23 22:31:39 jo (at) jolanders (dot) com Comment #1
Type ⇒ Enhancement
State ⇒ New
Priority ⇒ 2. Medium
Summary ⇒ Remote logout on all devices
Queue ⇒ IMP
Milestone ⇒
Patch ⇒ No
Reply to this comment
Would love the ability to force logout or do a remote logout on all 
devices when a user has forgotten to log out of horde (for example, on 
a "public" computer or a computer at a remote or client location. 
Currently using a work-around by changing the user password, but 
something like gmail or facebook's "log me out on all devices" would 
be a wonderful option; currently this is a huge security issue for my 
business; we provide bookkeeping services off or on-site at client 
locations. When on-site at a client location,w e are using their 
computer and software, which means logging in on their device. If 
someone forgets to logout before they leave, Horde doesn't time them 
out and may still be running days later, with full access to that 
person's email.

Saved Queries