]
Farah Juma reassigned WFLY-8272:
--------------------------------
Assignee: (was: Darran Lofthouse)
HttpServerExchange logout not happening after sessiontime out
-------------------------------------------------------------
Key: WFLY-8272
URL:
https://issues.jboss.org/browse/WFLY-8272
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 10.1.0.Final
Reporter: Ramesh khot
I have an application deployed on wildfly-10.1.0.Final, using picketbox form based
authentication integrated with SSO, we are using Jsf framework
After ExternalContext.invalidateSession(); call UsernamePasswordLoginModule.logout()
method is not triggered, which is used to happen in Jboss EAP 6.*, now I am calling
request.logout() to flush the session data, which works for me
After session time out invalidateSession is called but its not flushing session data,
log says exchange null
io.undertow.session trace log:
*When request.logout():*
00:19:14,602 DEBUG [io.undertow.session] (default task-45) Invalidating session
WUZTg0SSQXsbqgByND0Mpz1SMtcLExt7vGgrVr-E for exchange HttpServerExchange{ POST
/plcdng_slim_dev/BootstrapUI/pages/protected/user/bootstrap.xhtml request
{Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8],
Accept-Language=[en-US,en;q=0.8,de-DE;q=0.6,de;q=0.4,en-GB;q=0.2], Accept-Encoding=[gzip,
deflate], DNT=[1], User-Agent=[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101
Firefox/45.0; Firefox 45.7.0 - 11712-1502320053-1.34], Connection=[keep-alive],
Cookie=[j_username=guest1; j_password=passguest1;
JSESSIONID=WUZTg0SSQXsbqgByND0Mpz1SMtcLExt7vGgrVr-E.bmh1058602;
JSESSIONIDSSO=PSz_b3ZYOtUYMPDC5_rdS-volKYXMH2j0pY-NLfe],
Content-Type=[application/x-www-form-urlencoded], Content-Length=[116],
Referer=[http://localhost:8090/plcdng_slim_dev/BootstrapUI/pages/protected/user/bootstrap.xhtml],
Host=[localhost:8090]} response {Expires=[0], Cache-Control=[no-cache, no-store,
must-revalidate], X-Powered-By=[Undertow/1], Server=[WildFly/10], Pragma=[no-cache]}}
00:19:18,864 DEBUG [io.undertow.request.security] (default task-45) Logging out user
guest1 for HttpServerExchange{ POST
/plcdng_slim_dev/BootstrapUI/pages/protected/user/bootstrap.xhtml request
{Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8],
Accept-Language=[en-US,en;q=0.8,de-DE;q=0.6,de;q=0.4,en-GB;q=0.2], Accept-Encoding=[gzip,
deflate], DNT=[1], User-Agent=[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101
Firefox/45.0; Firefox 45.7.0 - 11712-1502320053-1.34], Connection=[keep-alive],
Cookie=[j_username=guest1; j_password=passguest1;
JSESSIONID=WUZTg0SSQXsbqgByND0Mpz1SMtcLExt7vGgrVr-E.bmh1058602;
JSESSIONIDSSO=PSz_b3ZYOtUYMPDC5_rdS-volKYXMH2j0pY-NLfe],
Content-Type=[application/x-www-form-urlencoded], Content-Length=[116],
Referer=[http://localhost:8090/plcdng_slim_dev/BootstrapUI/pages/protected/user/bootstrap.xhtml],
Host=[localhost:8090]} response {Expires=[0], Cache-Control=[no-cache, no-store,
must-revalidate], X-Powered-By=[Undertow/1], Server=[WildFly/10], Pragma=[no-cache]}}
00:19:18,864 DEBUG [io.undertow.request.security] (default task-45) Logged out
HttpServerExchange{ POST /plcdng_slim_dev/BootstrapUI/pages/protected/user/bootstrap.xhtml
request {Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8],
Accept-Language=[en-US,en;q=0.8,de-DE;q=0.6,de;q=0.4,en-GB;q=0.2], Accept-Encoding=[gzip,
deflate], DNT=[1], User-Agent=[Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101
Firefox/45.0; Firefox 45.7.0 - 11712-1502320053-1.34], Connection=[keep-alive],
Cookie=[j_username=guest1; j_password=passguest1;
JSESSIONID=WUZTg0SSQXsbqgByND0Mpz1SMtcLExt7vGgrVr-E.bmh1058602;
JSESSIONIDSSO=PSz_b3ZYOtUYMPDC5_rdS-volKYXMH2j0pY-NLfe],
Content-Type=[application/x-www-form-urlencoded], Content-Length=[116],
Referer=[http://localhost:8090/plcdng_slim_dev/BootstrapUI/pages/protected/user/bootstrap.xhtml],
Host=[localhost:8090]} response {Expires=[0], Cache-Control=[no-cache, no-store,
must-revalidate], X-Powered-By=[Undertow/1], Server=[WildFly/10], Pragma=[no-cache]}}
*After session time out:*
Invalidating session H3Gy64JardrjwVMSxvKswFibxq136utoEnjZLdeG for exchange null