[ https://issues.jboss.org/browse/GTNPORTAL-3448?page=com.atlassian.jira.pl... ] Tuyen Nguyen The updated GTNPORTAL-3448: ---------------------------------------- Description: Case to reproduce: - Access to api {code} http://localhost:8080/rest/private/managed-components/api/sites/classic/p... {code} - Authentication with user root and now we can list all page of classic site (include Group Navitation and Portal Navigation page) - Wait until session timeout (about ~30 minute) - Access to list all page api again, now we only see public pages (see attachments) and has error in log: {code} [http-bio-8080-exec-10] ERROR exo.core.component.security.core.SetCurrentIdentityFilter - Not found identity in IdentityRegistry for user root, check Login Module. {code} This error is unusually occured. Maybe identity was removed from IdentityRegistry after session timeout and it throw this error. So, we should set restoreIdentity=true of the filter "SetCurrentIdentityFilter" into web.xml of rest.war (like in portal.war) to reinject the identity when it is lost was: Customer does not sometimes use /rest after session timeout. He also propose a workaround which adds "restoreIdentity" of the filter "SetCurrentIdentityFilter" into web.xml of rest.war, this parameter is added to almost war files but this param is not available in rest.war. So, we should add this param into web.xml of rest.war -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira