[
http://jira.jboss.com/jira/browse/JBAS-5608?page=all ]
Brian Stansberry updated JBAS-5608:
-----------------------------------
Description:
From SingleSignOnEntry.removeSession(...)
boolean removed = false;
Session[] nsessions = new Session[sessions.length - 1];
...
sessions = nsessions;
// Only if we removed a session, do we replace our session list
if (removed)
sessions = nsessions;
The line above the final if test defeats the purpose of the if test and sets sessions to
an empty Session[].
Minor problem because the "if (removed)" guard is just a safety check; in
practice should return true whenever method is invoked.
was:
From SingleSignOnEntry.removeSession(...)
sessions = nsessions;
// Only if we removed a session, do we replace our session list
if (removed)
sessions = nsessions;
The first line defeats the purpose of the if test.
Priority: Minor (was: Major)
Removing a session from a clustered sso entry removes all sessions
------------------------------------------------------------------
Key: JBAS-5608
URL:
http://jira.jboss.com/jira/browse/JBAS-5608
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Clustering, Web (Tomcat) service
Affects Versions: JBossAS-5.0.0.Beta4, JBossAS-4.2.2.GA, JBossAS-4.2.1.GA,
JBossAS-4.2.0.GA, JBossAS-4.0.5.GA
Reporter: Brian Stansberry
Assigned To: Brian Stansberry
Priority: Minor
Fix For: JBossAS-5.0.0.CR2, JBossAS-4.2.3.GA
From SingleSignOnEntry.removeSession(...)
boolean removed = false;
Session[] nsessions = new Session[sessions.length - 1];
...
sessions = nsessions;
// Only if we removed a session, do we replace our session list
if (removed)
sessions = nsessions;
The line above the final if test defeats the purpose of the if test and sets sessions to
an empty Session[].
Minor problem because the "if (removed)" guard is just a safety check; in
practice should return true whenever method is invoked.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira