[jboss-jira] [JBoss JIRA] (JBMETA-402) The flushOnSessionInvalidation attribute is missing in the jboss-web schema and the parser

[Ivo Studensky (JIRA)]

Ivo Studensky created JBMETA-402:
------------------------------------

             Summary: The flushOnSessionInvalidation attribute is missing in the jboss-web schema and the parser
                 Key: JBMETA-402
                 URL: https://issues.jboss.org/browse/JBMETA-402
             Project: JBoss Metadata
          Issue Type: Bug
          Components: web
            Reporter: Ivo Studensky
            Assignee: Ivo Studensky
             Fix For: 10.0.2.Final


The class {{org.jboss.metadata.parser.jbossweb.JBossWebMetaDataParser}} doesn't support reading {{"flushOnSessionInvalidation"}} attribute on {{"security-domain"}} element. And also the schema files for {{jboss-web.xml}} doesn't mention this attribute.

The class {{org.jboss.metadata.web.jboss.JBossWebMetaData}} contains the attribute {{flushOnSessionInvalidation}}, which comes from old JBoss versions (3.2 and 4.0). [The description|https://developer.jboss.org/wiki/CachingLoginCredentials] says:

??The jboss-web.xml security-domain element now supports a flushOnSessionInvalidation boolean attribute that when true, will flush the security-domain JAAS authentication cache for the associated user principal.??

This attribute is also supported in WildFly integration with Undertow ([look at source|https://github.com/wildfly/wildfly/blob/10.0.0.CR3/undertow/src/main/java/org/wildfly/extension/undertow/deployment/UndertowDeploymentInfoService.java#L430-L433]), but the code is never reached as the flushOnSessionInvalidation attribute value stays always *false*.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)