[jboss-jira] [JBoss JIRA] (WFLY-5484) Calling HttpServletRequest.logout() with single sign-on enabled only works every second time
Stuart Douglas (JIRA)
issues at jboss.org
Sun Jan 31 17:12:00 EST 2016
[ https://issues.jboss.org/browse/WFLY-5484?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13156793#comment-13156793 ]
Stuart Douglas commented on WFLY-5484:
--------------------------------------
using the linked reproducer it appears that Undertow 1.3.16.Final (which did not make it into WF10) fixes this issue. If you still see it can you post another reproducer that replicates the issue?
> Calling HttpServletRequest.logout() with single sign-on enabled only works every second time
> --------------------------------------------------------------------------------------------
>
> Key: WFLY-5484
> URL: https://issues.jboss.org/browse/WFLY-5484
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Reporter: Richard Janík
> Assignee: Stuart Douglas
> Priority: Blocker
> Fix For: 10.0.0.CR5
>
> Attachments: reproducer-jbeap-1282.zip
>
>
> See "Steps to Reproduce". Logging out from an application only works every second time, e.g. HttpRequestServlet.logout() has to be called twice in order to have any effect
> This doesn't occur without <single-sign-on/> enabled - logout() has the expected effect. The issue is security related, thus I'm adding our security team members as watchers.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list