[jboss-jira] [JBoss JIRA] (WFLY-8252) HttpServletRequest.logout() doesn't work with Elytron
Josef Cacek (JIRA)
issues at jboss.org
Mon Feb 27 15:46:00 EST 2017
Josef Cacek created WFLY-8252:
---------------------------------
Summary: HttpServletRequest.logout() doesn't work with Elytron
Key: WFLY-8252
URL: https://issues.jboss.org/browse/WFLY-8252
Project: WildFly
Issue Type: Bug
Components: Web (Undertow), Security
Reporter: Josef Cacek
Assignee: Stuart Douglas
Priority: Blocker
Calling {{HttpServletRequest.logout()}} leaves user logged in if Elytron security is used.
This means security flaw, therefor setting priority to blocker.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list