Active Sessions Didn't Get Invalidate After User Reset or Change His Password
(Doc ID 2730151.1)
Last updated on NOVEMBER 25, 2020
Applies to:
Oracle Banking Digital Experience - Version 20.1.0.0.0 and laterInformation in this document applies to any platform.
Symptoms
ACTUAL BEHAVIOR
---------------
User can continue accessing application in different browsers and devices even after password is changed.
EXPECTED BEHAVIOR
-----------------------
User's active sessions must be made invalid after password change.
STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Login with any user in browser 1
2. Login with same user in another browser (browser 2)
3. Change the password (from logged in session of browser 1)
4. User can continue to perform transactions in browser 1
5. Go back to another browser , user can continue to perform transaction even after password change.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |