[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-4074) Internet Explorer 7.0 session cache not cleaned

Shervin Asgari (JIRA) jira-events at lists.jboss.org
Thu Apr 2 12:04:22 EDT 2009 

    [ https://jira.jboss.org/jira/browse/JBSEAM-4074?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12460296#action_12460296 ] 

Shervin Asgari commented on JBSEAM-4074:
----------------------------------------

And how is this not a bug? 
This is not for support. When things work perfectly in Firefox and Opera, but fails in Internet Explorer, clearly something is wrong with either Seam or Internet Explorer.

I have not the in depth knowledge in seam to know if this is a seam error or Internet explorer error, and that is why I have posted it here.
Again, this has nothing to do with support.

> Internet Explorer 7.0 session cache not cleaned
> -----------------------------------------------
>
>                 Key: JBSEAM-4074
>                 URL: https://jira.jboss.org/jira/browse/JBSEAM-4074
>             Project: Seam
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 2.1.1.GA
>         Environment: Windows XP
> Internet Explorer 7.0
>            Reporter: Shervin Asgari
>
> Our test developer found something quite strange. We have a page, which is restricted with a admin role.
> This is what he did to find the error:
>    1. Login as admin
>    2. Click on some of the admin stuff (creating users, listing users etc)
>    3. Copy url of the admin page
>    4. Logout
>    5. Login as user
>    6. Paste url of admin page
> Now in opera and firefox under Linux this didnt work. You got the error page with limited restriction message.
> However on windows and Internet Explorer 7, when pasting the url, you can view ALL the admin pages through the url. Listing the users, creating users, the home page of the admin etc. So seams like the cache of Internet Explorer is not properly cleaned.
> Now is this a bug in Seam or is the security in Internet Explorer?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list