Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 11.0.0.Beta1
Affects Version/s: 10.0.0.CR3
Component/s: Web (Undertow)
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly/pull/9936

The class org.jboss.metadata.parser.jbossweb.JBossWebMetaDataParser doesn't support reading "flushOnSessionInvalidation" attribute on "security-domain" element. And also the schema files for jboss-web.xml doesn't mention this attribute.

The class org.jboss.metadata.web.jboss.JBossWebMetaData contains the attribute flushOnSessionInvalidation, which comes from old JBoss versions (3.2 and 4.0). The description says:

The jboss-web.xml security-domain element now supports a flushOnSessionInvalidation boolean attribute that when true, will flush the security-domain JAAS authentication cache for the associated user principal.

This attribute is also supported in WildFly integration with Undertow (look at source), but the code is never reached as the flushOnSessionInvalidation attribute value stays always false.

is blocked by

JBMETA-392 The flushOnSessionInvalidation attribute is missing in the jboss-web schema and the parser

Resolved

WFLY-8448 Upgrade JBoss Metadata from 10.0.0.Final to 10.0.2.Final

Closed

is cloned by

JBEAP-1564 [GSS](7.1.0) The flushOnSessionInvalidation is not parsed correctly from jboss-web.xml

Verified

is duplicated by

WFLY-9102 Create test for JBoss does not flush the security-domain JAAS authentication cache on session invalidation

Closed

is related to

WFLY-3221 flushOnSessionInvalidation attribute in jboss-web.xml does not flush user credentials

Closed

Assignee:: Ivo Studensky

Reporter:: Josef Cacek (Inactive)

Votes:: 5 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2015/10/20 7:47 AM

Updated:: 2020/09/14 5:03 AM

Resolved:: 2017/05/05 6:39 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates