[jboss-jira] [JBoss JIRA] (WFLY-1720) Ensure HttpServletRequest.logout() does not invalidate sessions when SSO is used
Tomaz Cerar (JIRA)
issues at jboss.org
Mon Feb 10 08:39:29 EST 2014
[ https://issues.jboss.org/browse/WFLY-1720?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12943007#comment-12943007 ]
Tomaz Cerar commented on WFLY-1720:
-----------------------------------
Paul is this still relevant in our new SSO impl in WildFly?
> Ensure HttpServletRequest.logout() does not invalidate sessions when SSO is used
> --------------------------------------------------------------------------------
>
> Key: WFLY-1720
> URL: https://issues.jboss.org/browse/WFLY-1720
> Project: WildFly
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: Clustering, Web (JBoss Web)
> Affects Versions: 8.0.0.Alpha3
> Reporter: Aaron Ogburn
> Assignee: Paul Ferraro
>
> EAP 6/JBossWeb had a bug that resulted in sessions being improperly invalidated on logout when SSO (clustered or unclustered) were used:
> https://bugzilla.redhat.com/show_bug.cgi?id=958252
> We need to ensure any new SSO offerings on Wildfly incorporated with undertow do not do the same
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list