[jboss-jira] [JBoss JIRA] (WFLY-5662) HttpServletRequest.changeSessionId() doesn't reassociate session ID with distributed SSO
Paul Ferraro (JIRA)
issues at jboss.org
Wed Nov 11 11:20:00 EST 2015
Paul Ferraro created WFLY-5662:
----------------------------------
Summary: HttpServletRequest.changeSessionId() doesn't reassociate session ID with distributed SSO
Key: WFLY-5662
URL: https://issues.jboss.org/browse/WFLY-5662
Project: WildFly
Issue Type: Bug
Components: Clustering
Affects Versions: 10.0.0.CR4
Reporter: Paul Ferraro
Assignee: Paul Ferraro
The distributed SSO implementation stores a map of sessions using the session ID. If the user changes the session ID, this reference is never changed. Consequently, subsequent calls to SingleSignOn.getSession(SessionManager) will return null.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list