]
Richard Janík commented on WFLY-5484:
-------------------------------------
After discussion with Stuart, we found that the problem was in my testing process.
Undertow 1.3.16.Final really does fix this.
Calling HttpServletRequest.logout() with single sign-on enabled only
works every second time
--------------------------------------------------------------------------------------------
Key: WFLY-5484
URL:
https://issues.jboss.org/browse/WFLY-5484
Project: WildFly
Issue Type: Bug
Components: Web (Undertow)
Reporter: Richard Janík
Assignee: Stuart Douglas
Priority: Blocker
Fix For: 10.0.0.CR5
Attachments: reproducer-jbeap-1282.zip
See "Steps to Reproduce". Logging out from an application only works every
second time, e.g. HttpRequestServlet.logout() has to be called twice in order to have any
effect
This doesn't occur without <single-sign-on/> enabled - logout() has the
expected effect. The issue is security related, thus I'm adding our security team
members as watchers.