[jboss-jira] [JBoss JIRA] (WFLY-10630) HttpSessionListener.sessionDestroyed() not called if session invalidated in another WAR

HttpSessionListener.sessionDestroyed() not called if session invalidated in another WAR --------------------------------------------------------------------------------------- Key: WFLY-10630 URL: https://issues.jboss.org/browse/WFLY-10630 Project: WildFly Issue Type: Bug Components: Web (Undertow) Affects Versions: 10.0.0.Final, 13.0.0.Final Environment: Windows 10, Java 1.8.0_131 Reproducible with both WildFly-10.0.0.Final and Wildfly-13.0.0.Final Reporter: Bernhard Kabelka Assignee: Bartosz Baranowski For sessions shared across different WARs in a single EAR, the notification of HttpSessionListener works differently in WildFly 10.0.0.Final (and Wildfly 13.0.0.Final) than it it used to work in WildFly 8.2.0.Final: I have an EAR containing two WARs with enabled session sharing across the WARs. Basically, one WAR contains the web UI, and the other WAR contains the REST interfaces for AJAX calls made by the UI. The user authenticates against the UI-WAR. On logout, a REST method in the AJAX-WAR is triggered which calls HttpSession.invalidate() on the user session. In WildFly 8.2.0.Final, a HttpSessionListener in the UI-WAR gets notified immediately about session creation and destruction. In WildFly 13.0.0.Final, however, a HttpSessionListener in either WAR only gets one of the two notifications: * In the UI-WAR, I get a notification about the created session immediately when the login form is loaded. However, I do not receive any notification about the session destruction (unless it times out). * In the AJAX-WAR, I do not get any notification about the session creation at all, but I immediately receive a notification about the session destruction.