[jboss-jira] [JBoss JIRA] Assigned: (JBPORTAL-2030) Portal session expiration should invalidate portlet webapps sessions
Thomas Heute (JIRA)
jira-events at lists.jboss.org
Tue Aug 26 07:48:39 EDT 2008
[ https://jira.jboss.org/jira/browse/JBPORTAL-2030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thomas Heute reassigned JBPORTAL-2030:
--------------------------------------
Assignee: Thomas Heute
> Portal session expiration should invalidate portlet webapps sessions
> --------------------------------------------------------------------
>
> Key: JBPORTAL-2030
> URL: https://jira.jboss.org/jira/browse/JBPORTAL-2030
> Project: JBoss Portal
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Portal Core
> Affects Versions: 2.6.5 SP1
> Reporter: Boleslaw Dawidowicz
> Assignee: Thomas Heute
> Fix For: 2.7.0 CR1
>
>
> Currently when portal session expires and after page refresh user logs in with different credentials portlet session can last and contain outdated data. Good example of such behavior is this case : http://jira.jboss.com/jira/browse/JBPORTAL-2025.
> Current workaround is to set session-timeout that matches portal servlet one in all portlet web application.
> Proper solution could be an interceptor that would track session id around request dispatch and invalidate it if needed.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list