[jboss-jira] [JBoss JIRA] (WFLY-7019) [11.0.x] Calling HttpServletRequest.logout() with single sign-on enabled only works every second time

Richard Janík (JIRA) issues at jboss.org
Mon Aug 29 06:18:00 EDT 2016 

     [ https://issues.jboss.org/browse/WFLY-7019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Richard Janík updated WFLY-7019:
--------------------------------
               Tester: Richard Janík
          Description: 
This issue has resurfaced with 11.0.0.Alpha1-SNAPSHOT. It has been previously reported and fixed in 10.1.0.Final.

See "Steps to Reproduce". Logging out from an application only works every second time, e.g. HttpRequestServlet.logout() has to be called twice in order to have any effect. This doesn't occur without <single-sign-on/> enabled - logout() has the expected effect. I'm adding our security team members as watchers.

I'm trying to create a test in the WildFly integration testsuite, but I'm currently failing ([1]). The test I have written is currently passing. I don't know why yet, but either the test is bad or there might be something specific about the issue. The reproducer from JBEAP-1282 still works (in other words, it is failing now that the issue has appeared again).

[1]: https://github.com/LittleJohnII/wildfly/blob/sso-logout/testsuite/integration/clustering/src/test/java/org/jboss/as/test/clustering/cluster/sso/ClusteredSingleSignOnTestCase.java see testLogoutWithClusteredSSO

  was:
See "Steps to Reproduce". Logging out from an application only works every second time, e.g. HttpRequestServlet.logout() has to be called twice in order to have any effect

This doesn't occur without <single-sign-on/> enabled - logout() has the expected effect. The issue is security related, thus I'm adding our security team members as watchers.

        Fix Version/s:     (was: 10.1.0.CR1)
                           (was: 10.1.0.Final)
             Priority: Major  (was: Blocker)
    Affects Version/s: 11.0.0.Alpha1


> [11.0.x] Calling HttpServletRequest.logout() with single sign-on enabled only works every second time
> -----------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-7019
>                 URL: https://issues.jboss.org/browse/WFLY-7019
>             Project: WildFly
>          Issue Type: Bug
>          Components: Web (Undertow)
>    Affects Versions: 11.0.0.Alpha1
>            Reporter: Richard Janík
>            Assignee: Stuart Douglas
>
> This issue has resurfaced with 11.0.0.Alpha1-SNAPSHOT. It has been previously reported and fixed in 10.1.0.Final.
> See "Steps to Reproduce". Logging out from an application only works every second time, e.g. HttpRequestServlet.logout() has to be called twice in order to have any effect. This doesn't occur without <single-sign-on/> enabled - logout() has the expected effect. I'm adding our security team members as watchers.
> I'm trying to create a test in the WildFly integration testsuite, but I'm currently failing ([1]). The test I have written is currently passing. I don't know why yet, but either the test is bad or there might be something specific about the issue. The reproducer from JBEAP-1282 still works (in other words, it is failing now that the issue has appeared again).
> [1]: https://github.com/LittleJohnII/wildfly/blob/sso-logout/testsuite/integration/clustering/src/test/java/org/jboss/as/test/clustering/cluster/sso/ClusteredSingleSignOnTestCase.java see testLogoutWithClusteredSSO



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list