[jboss-jira] [JBoss JIRA] (WFLY-8252) HttpServletRequest.logout() doesn't work with Elytron
Stuart Douglas (JIRA)
issues at jboss.org
Mon Mar 13 18:55:00 EDT 2017
[ https://issues.jboss.org/browse/WFLY-8252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stuart Douglas resolved WFLY-8252.
----------------------------------
Fix Version/s: 11.0.0.Alpha1
Resolution: Done
> HttpServletRequest.logout() doesn't work with Elytron
> -----------------------------------------------------
>
> Key: WFLY-8252
> URL: https://issues.jboss.org/browse/WFLY-8252
> Project: WildFly
> Issue Type: Bug
> Components: Security, Web (Undertow)
> Reporter: Josef Cacek
> Assignee: Stuart Douglas
> Priority: Blocker
> Fix For: 11.0.0.Alpha1
>
>
> Calling {{HttpServletRequest.logout()}} leaves user logged in if Elytron security is used.
> This means security flaw, therefor setting priority to blocker.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list