|
|
|
|
|
|
by e12e
680 days ago
|
|
|
Fair point - in the case of a revoked cert, it'd probably be feasible to just watch the revocation list and pkill a user's sessions - with an expired cert, I'm not sure if there's anywhere to watch for that state-change. Probably the best one could do out of the box is set an 8 hour session limit or so? |
|
|