Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0000599 [Resin] minor always 12-30-05 09:27 04-03-06 11:49
Reporter ferg View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 3.0.17
Summary 0000599: SSO sessions and logout of one
Description (rep by Vinny)

I've run into a serious problem in resin (3.0.16) in which a session attribute
won't go away. I log into one webapp as one customer and then logout
with session.invalidate()
I then log into the webapp as another customer but the original
customer attributes are displayed! Not good. Now I do set customer
attributes in a filter that is mapped to /*
and uses the getUserPrincipal as the key to load in the Preferences
(session attributes).
Does session.invalidate() remove all seesion attributes or not? Do I
have to do it in each
SSOd webapp?
Additional Information
Attached Files

- Relationships

There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
12-30-05 09:27 ferg New Issue
04-03-06 11:49 ferg Assigned To  => ferg
04-03-06 11:49 ferg Status new => closed
04-03-06 11:49 ferg Resolution open => fixed
04-03-06 11:49 ferg Fixed in Version  => 3.0.19
04-03-06 11:49 ferg View Status @0@ => public


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
26 total queries executed.
24 unique queries executed.
Powered by Mantis Bugtracker