| Summary | Remote logout on all devices |
| Queue | IMP |
| Queue Version | Git master |
| Type | Enhancement |
| State | Feedback |
| Priority | 1. Low |
| Owners | |
| Requester | jo (at) jolanders (dot) com |
| Created | 08/23/2016 (3186 days ago) |
| Due | |
| Updated | 08/31/2016 (3178 days ago) |
| Assigned | |
| Resolved | |
| Milestone | |
| Patch | No |
State ⇒ Feedback
Priority ⇒ 1. Low
1) Using the session handling in PHP. We would need to find and delete
all of the user's sessions, which may or may not work, depending on
the session handler backend.
2) Setting some flag that's checked on each request and that logs the
user out when set. This would add additional overhead to each request
and the question is, where to store this flag. Prefs are ruled out
because they are cached in the session.
State ⇒ New
Priority ⇒ 2. Medium
Type ⇒ Enhancement
Summary ⇒ Remote logout on all devices
Queue ⇒ IMP
Milestone ⇒
Patch ⇒ No
devices when a user has forgotten to log out of horde (for example, on
a "public" computer or a computer at a remote or client location.
Currently using a work-around by changing the user password, but
something like gmail or facebook's "log me out on all devices" would
be a wonderful option; currently this is a huge security issue for my
business; we provide bookkeeping services off or on-site at client
locations. When on-site at a client location,w e are using their
computer and software, which means logging in on their device. If
someone forgets to logout before they leave, Horde doesn't time them
out and may still be running days later, with full access to that
person's email.