Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-5657

HttpServletRequest.changeSessionId() doesn't reassociate session ID with distributed SSO

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 10.0.0.CR5
    • 10.0.0.CR4
    • Clustering
    • None

      The distributed SSO implementation stores a map of sessions using the session ID. If the user changes the session ID, this reference is never changed. Consequently, subsequent calls to SingleSignOn.getSession(SessionManager) will return null.

            pferraro@redhat.com Paul Ferraro
            pferraro@redhat.com Paul Ferraro
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: