Skip to content

Proposal: oc logout --all #9994

Closed
Closed
Proposal: oc logout --all#9994
Labels
area/usabilitycomponent/authcomponent/clikind/featureCategorizes issue or PR as related to a new feature.priority/P2
@enj

Description

@enj
enj
opened on Jul 22, 2016

During my Kerberos tests I would often login / logout of multiple user accounts. If my test scripts died at an unexpected point, it would be hard for me to trace what users I currently had tokens for. It would be nice to be able to run a command similar to oc logout --all to handle such a case.

In a similar example, it is possible for a user to login to multiple Kerberos identities using kinit and kswitch. Running kdestroy behaves like oc logout in that it logs you out of the currently active identity. Running kdestroy -A logs you out of all identities. Having similar functionality with oc logout --all would be helpful.

Things oc logout --all would do:

  1. Enumerate all of your tokens, invalidate them on the server and delete them from your client
  2. Possibly show which users / tokens were logged out
  3. Perhaps display some error message when no tokens are present, but it may also be nice for it to just try to logout of all token users, but not be concerned if you have no tokens (would be useful as part of a cleanup routine in tests; this is how kdestroy -A behaves)

Things oc logout --all would NOT do:

  1. Modify certificate based identities
  2. Delete any certificates
  3. Invalidate any certificates

cc people who may care
@liggitt @smarterclayton @juanvallejo @fabianofranz @stevekuznetsov

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/usabilitycomponent/authcomponent/clikind/featureCategorizes issue or PR as related to a new feature.priority/P2

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions