Superset + Keycloak concurrent session limiter #28403
Unanswered
saroha87
asked this question in
Q&A / Help
Replies: 2 comments
-
We did some hacky stuff to support it. @expose('/session/token/validate/', methods=['GET'])
def fetchUser(self):
oidc = self.appbuilder.sm.oid
if oidc.user_loggedin:
resp=require_oauth.introspect_token(oidc.get_access_token())
if resp is None:
return self.logout()
elif resp["active"]:
return {'email':resp["email"], 'username':resp["username"], 'fullname':resp["name"]}
else :
return self.logout()
return 'Session cleared',401 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
We have integrated Keycloak 24.0.2 with Apache Superset 3.1.2 using Flask-OIDC==2.1.1 and Flask-OpenID==1.3.0 plugins. However, we have the requirement to expire an old session if a new session is initiated by a user, i.e. to have one session active at a time. In Keyloak this can be done using "User session count limiter", i.e. it removes/expired old session of that user on every new login.
However, the same information is not received at Superset, so the login session on Superset remains active. So, we need help on this to limit concurrent session Superset.
Details of configuration are as follows
Superset_config.py with server side session management for token :
Custom security Manager: custom_sso_security_manager.py
We would like to logout the previous session if a new login session is initiated in superset.
Beta Was this translation helpful? Give feedback.
All reactions