[jboss-jira] [JBoss JIRA] Resolved: (JBWEB-70) Add ability to make session tracking persistent (...based on persistent cookies)
Remy Maucherat (JIRA)
jira-events at lists.jboss.org
Tue Jul 22 11:00:16 EDT 2008
[ https://jira.jboss.org/jira/browse/JBWEB-70?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Remy Maucherat resolved JBWEB-70.
---------------------------------
Resolution: Rejected
The session cookie feature addition in Servlet 3.0 will not include this, probably because it would reduce security a lot.
> Add ability to make session tracking persistent (...based on persistent cookies)
> --------------------------------------------------------------------------------
>
> Key: JBWEB-70
> URL: https://jira.jboss.org/jira/browse/JBWEB-70
> Project: JBoss Web
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Reporter: Amit Kasher
> Assignee: Remy Maucherat
>
> In cases where HttpSession objects should not be invalidated if the user closed the browser, JBoss (Tomcat, actually) should expose the configuration of the maximum age of the cookies used to track the session.
> Currently, it is doing ...jsessionTrackingCookie.setMaxAge(-1)... which means that the cookie is set to expire when the browser session ends.
> I would expect this to be configurable somewhere, so that I can make this cookie non-transient.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list