| Anonymous | Login | Signup for a new account | 04-29-2024 06:06 PDT |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0000599 | [Resin] | minor | always | 12-30-05 09:27 | 04-03-06 11:49 | ||||
| Reporter | ferg | View Status | public | ||||||
| Assigned To | ferg | ||||||||
| Priority | normal | Resolution | fixed | Platform | |||||
| Status | closed | OS | |||||||
| Projection | none | OS Version | |||||||
| ETA | none | Fixed in Version | 3.0.19 | Product Version | 3.0.17 | ||||
| Product Build | |||||||||
| Summary | 0000599: SSO sessions and logout of one | ||||||||
| Description |
(rep by Vinny) I've run into a serious problem in resin (3.0.16) in which a session attribute won't go away. I log into one webapp as one customer and then logout with session.invalidate() I then log into the webapp as another customer but the original customer attributes are displayed! Not good. Now I do set customer attributes in a filter that is mapped to /* and uses the getUserPrincipal as the key to load in the Preferences (session attributes). Does session.invalidate() remove all seesion attributes or not? Do I have to do it in each SSOd webapp? |
||||||||
| Steps To Reproduce | |||||||||
| Additional Information | |||||||||
| Attached Files | |||||||||
|
|
|||||||||
 Relationships |
|
| There are no notes attached to this issue. |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 12-30-05 09:27 | ferg | New Issue | |
| 04-03-06 11:49 | ferg | Assigned To | => ferg |
| 04-03-06 11:49 | ferg | Status | new => closed |
| 04-03-06 11:49 | ferg | Resolution | open => fixed |
| 04-03-06 11:49 | ferg | Fixed in Version | => 3.0.19 |
| 04-03-06 11:49 | ferg | View Status | @0@ => public |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
26 total queries executed. 24 unique queries executed. |  |
