12:29 p.m.
Session Invalidation issue when Tomcat SSO is turned on
-------------------------------------------------------
Key: JBPORTAL-1488
URL: http://jira.jboss.com/jira/browse/JBPORTAL-1488
Project: JBoss Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Portal Server
Affects Versions: 2.6.CR2, 2.4.1 SP1
Reporter: Sohil Shah
Assigned To: Sohil Shah
Priority: Minor
Fix For: 2.6 Final, 2.4.2 Final
It turns out that when Tomcat SSO is turned on, when a user's session is invalidated,
as the portal server iterates through all the active war sessions and invalidates them,
the main portal session is invalidated as well.
The code calls session.invalidate on the main portal session after that and gets and
IllegalStateException because the session is already invalidated.
This exception needs to be handled smoothly so that user does not see a failure upon
logout
Note: This issue surfaces only when Tomcat SSO is actiavted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:40 p.m.
New subject: [JBoss JIRA] Resolved: (JBPORTAL-1488) Session Invalidation issue when Tomcat SSO is turned on
[ http://jira.jboss.com/jira/browse/JBPORTAL-1488?page=all ]
Sohil Shah resolved JBPORTAL-1488.
----------------------------------
Resolution: Done
Session Invalidation issue when Tomcat SSO is turned on
-------------------------------------------------------
Key: JBPORTAL-1488
URL: http://jira.jboss.com/jira/browse/JBPORTAL-1488
Project: JBoss Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Portal Server
Affects Versions: 2.4.1 SP1, 2.6.CR2
Reporter: Sohil Shah
Assigned To: Sohil Shah
Priority: Minor
Fix For: 2.6 Final, 2.4.2 Final
It turns out that when Tomcat SSO is turned on, when a user's session is
invalidated,
as the portal server iterates through all the active war sessions and invalidates them,
the main portal session is invalidated as well.
The code calls session.invalidate on the main portal session after that and gets and
IllegalStateException because the session is already invalidated.
This exception needs to be handled smoothly so that user does not see a failure upon
logout
Note: This issue surfaces only when Tomcat SSO is actiavted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:26 p.m.
New subject: [JBoss JIRA] Commented: (JBPORTAL-1488) Session Invalidation issue when Tomcat SSO is turned on
[ http://jira.jboss.com/jira/browse/JBPORTAL-1488?page=comments#action_1237... ]
krish p commented on JBPORTAL-1488:
-----------------------------------
I am running into this issue as well but I am not sure if we'll be able to move to
2.6CR3. Is there a way to get a patch for this bug fix? Thanks!
Session Invalidation issue when Tomcat SSO is turned on
-------------------------------------------------------
Key: JBPORTAL-1488
URL: http://jira.jboss.com/jira/browse/JBPORTAL-1488
Project: JBoss Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Portal Server
Affects Versions: 2.4.1 SP1, 2.6.CR2
Reporter: Sohil Shah
Assigned To: Sohil Shah
Priority: Minor
Fix For: 2.6 CR3, 2.4.2 Final
It turns out that when Tomcat SSO is turned on, when a user's session is
invalidated,
as the portal server iterates through all the active war sessions and invalidates them,
the main portal session is invalidated as well.
The code calls session.invalidate on the main portal session after that and gets and
IllegalStateException because the session is already invalidated.
This exception needs to be handled smoothly so that user does not see a failure upon
logout
Note: This issue surfaces only when Tomcat SSO is actiavted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:20 a.m.
New subject: [JBoss JIRA] Commented: (JBPORTAL-1488) Session Invalidation issue when Tomcat SSO is turned on
[ http://jira.jboss.com/jira/browse/JBPORTAL-1488?page=comments#action_1240... ]
Sylvain FRANCOIS commented on JBPORTAL-1488:
--------------------------------------------
Hum :-)...
The fix depends on exception message ("invalidate: Session already
invalidated"), which is incorrect since it depends on locale.
IMHO, you should check session using {req.isRequestedSessionIdValid()}
Session Invalidation issue when Tomcat SSO is turned on
-------------------------------------------------------
Key: JBPORTAL-1488
URL: http://jira.jboss.com/jira/browse/JBPORTAL-1488
Project: JBoss Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Portal Server
Affects Versions: 2.4.1 SP1, 2.6.CR2
Reporter: Sohil Shah
Assigned To: Sohil Shah
Priority: Minor
Fix For: 2.6 CR3, 2.4.2 Final
It turns out that when Tomcat SSO is turned on, when a user's session is
invalidated,
as the portal server iterates through all the active war sessions and invalidates them,
the main portal session is invalidated as well.
The code calls session.invalidate on the main portal session after that and gets and
IllegalStateException because the session is already invalidated.
This exception needs to be handled smoothly so that user does not see a failure upon
logout
Note: This issue surfaces only when Tomcat SSO is actiavted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6614
days inactive
6907
days old
3 comments
3 participants
participants (3)
-
krish p (JIRA) -
Sohil Shah (JIRA)
-
Sylvain FRANCOIS (JIRA)