Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
Description
We are missing the functionality (event) to notice that a user is using a certain application.
We are using Crowd together with JIRA, Confluence etc. and with SSO enabled. Now, if a user logs in to an application, there is the UserAuthenticationSucceededEvent (case 1). But if the user switches over to another application, he is already logged in (SSO) but certainly there is no event that indicates the usage of that application (case 2).
In the source code of Crowd, all this stuff is happening in the TokenAuthenticationManagerImpl class.
For the first case, there is the method authenticateUser(...) that publishes the UserAuthenticationSucceededEvent.
And for the second case, there is the method validateUserToken(...) that does some similar things but does not publish any event.
Both methods are calling the method updateUserLastActivity(...) so one option would be to publish a new UserActivityEvent or something like that. Another option is to publish a new UserTokenValidatedEvent. And a third option is to the publish UserAuthenticationSucceededEvent again, as a token validation is kind of an authentication, but this could affect the behaviour of existing plugins.
Please let me know what you think about that and if there is a change for an implementation. This should not be too hard and would be very useful for us.
Thank you!