Supply a REST user session resource with a DELETE operation

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Fixed
    • 2.5.3
    • Component/s: REST, SSO
    • None

      Request URIs:

      DELETE /user/{username}/session
DELETE /user/{username}/session?exclude={token}

      shall delete all sessions maintained for the specified user. This effectively logs them out everywhere.

      If an exclude parameter is provided, presumably using the token in the current browser, then that session (if it exists) is excluded. If it does not exist, there is no error.

      Response status:

      • 404 Not Found - if the user does not exist
      • 205 Reset Content - otherwise (and no body content is returned)

      If you insist on maintain the terrible URI formats for user resources, they'll have to look like this:

      DELETE /user/session?username={username}
DELETE /user/session?username={username}&exclude={token}

            Assignee:
            joe
            Reporter:
            JoshA
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - Not Specified
                Not Specified
                Logged:
                Time Spent - 22m
                22m