[jboss-jira] [JBoss JIRA] (WFLY-5546) The flushOnSessionInvalidation is not parsed correctly from jboss-web.xml

Tue Oct 20 07:48:01 EDT 2015

Josef Cacek created WFLY-5546:
---------------------------------

             Summary: The flushOnSessionInvalidation is not parsed correctly from jboss-web.xml
                 Key: WFLY-5546
                 URL: https://issues.jboss.org/browse/WFLY-5546
             Project: WildFly
          Issue Type: Bug
          Components: Web (Undertow)
            Reporter: Josef Cacek
            Assignee: Stuart Douglas

The class {{org.jboss.metadata.parser.jbossweb.JBossWebMetaDataParser}} doesn't support reading {{"flushOnSessionInvalidation"}} attribute on {{"security-domain"}} element. And also the schema files for {{jboss-web.xml}} doesn't mention this attribute.

The class {{org.jboss.metadata.web.jboss.JBossWebMetaData}} contains the attribute {{flushOnSessionInvalidation}}, which comes from old JBoss versions (3.2 and 4.0). [The description|https://developer.jboss.org/wiki/CachingLoginCredentials] says:

??The jboss-web.xml security-domain element now supports a flushOnSessionInvalidation boolean attribute that when true, will flush the security-domain JAAS authentication cache for the associated user principal.??

This attribute is also supported in WildFly integration with Undertow ([look at source|https://github.com/wildfly/wildfly/blob/10.0.0.CR3/undertow/src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentInfoService.java#L430-L433]), but the code is never reached as the flushOnSessionInvalidation attribute value stays always *false*.

--
This message was sent by Atlassian JIRA
(v6.4.11#64026)