Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.4.14.CR1, 7.4.14.GA
Affects Version/s: 7.4.12.GA
Component/s: Clustering, Undertow
Labels:
- upstream-fixed

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/jbossas/jboss-eap7/pull/4568
Steps to Reproduce:

Hide

1. Launch JBoss with attached configuration and deployment
2. Make following requests:
a. http://localhost:8080/app1/session.jsp
b. http://localhost:8080/app2/session.jsp
c. http://localhost:8080/app1/invalidate.jsp

Show
1. Launch JBoss with attached configuration and deployment 2. Make following requests: a. http://localhost:8080/app1/session.jsp b. http://localhost:8080/app2/session.jsp c. http://localhost:8080/app1/invalidate.jsp
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

After ~~JBEAP-15303~~, invalidating a session in a config using Undertow SSO results in an UnsupportedOperationException being thrown by invalidation attempted on any other session associated with the SSO entry:

Caused by: java.lang.UnsupportedOperationException
	at org.wildfly.clustering.web.undertow@7.4.12.GA-redhat-00003//org.wildfly.clustering.web.undertow.sso.DistributableSingleSignOn$SimpleSessionConfig.setSessionId(DistributableSingleSignOn.java:256)
	at org.wildfly.clustering.web.undertow@7.4.12.GA-redhat-00003//org.wildfly.clustering.web.undertow.session.DistributableSessionManager.getSession(DistributableSessionManager.java:233)
	at org.wildfly.clustering.web.undertow@7.4.12.GA-redhat-00003//org.wildfly.clustering.web.undertow.sso.DistributableSingleSignOn$InvalidatableSession.invalidate(DistributableSingleSignOn.java:182)
	at io.undertow.core@2.2.25.SP3-redhat-00001//io.undertow.security.impl.SingleSignOnAuthenticationMechanism$SessionInvalidationListener.sessionDestroyed(SingleSignOnAuthenticationMechanism.java:213)
	at io.undertow.core@2.2.25.SP3-redhat-00001//io.undertow.server.session.SessionListeners.sessionDestroyed(SessionListeners.java:61)
	at org.wildfly.clustering.web.undertow@7.4.12.GA-redhat-00003//org.wildfly.clustering.web.undertow.session.DistributableSession.invalidate(DistributableSession.java:276)
	at io.undertow.servlet@2.2.25.SP3-redhat-00001//io.undertow.servlet.spec.HttpSessionImpl.invalidate(HttpSessionImpl.java:198)
	at org.apache.jsp.invalidate_jsp._jspService(invalidate_jsp.java:96)
	at io.undertow.jsp@2.0.14.Final-redhat-00001//org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	at javax.servlet.api@2.0.0.Final-redhat-00001//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
	at io.undertow.jsp@2.0.14.Final-redhat-00001//org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433)
	... 51 more

So this requires a fix similar to ~~JBEAP-24362~~.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

reproducer.zip
13 kB
2023/09/06 1:46 AM

is caused by

JBEAP-15303 [GSS](7.4.z) WFLY-10912 - CodecSessionConfig#findSessionId() causes an incorrect JSESSIONID Set-Cookie header

Closed

Assignee:: Chao Wang

Reporter:: Aaron Ogburn

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2023/09/06 1:41 AM

Updated:: 2024/08/19 1:58 PM

Resolved:: 2023/10/20 12:00 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates