cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jan Bernhardt (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (FEDIZ-112) Race condition in tomcat plugin related to request restoration after redirect
Date Fri, 10 Apr 2015 10:54:12 GMT

     [ https://issues.apache.org/jira/browse/FEDIZ-112?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jan Bernhardt updated FEDIZ-112:
--------------------------------
    Summary: Race condition in tomcat plugin related to request restoration after redirect
 (was: Restore Request Race Condition in Tomcat Plugin)

> Race condition in tomcat plugin related to request restoration after redirect
> -----------------------------------------------------------------------------
>
>                 Key: FEDIZ-112
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-112
>             Project: CXF-Fediz
>          Issue Type: Bug
>          Components: Plugin
>    Affects Versions: 1.1.2
>            Reporter: Jan Bernhardt
>            Assignee: Jan Bernhardt
>             Fix For: 1.2.0
>
>
> If a active session at the RP runs into a timeout and the user refreshes this page, it
sometimes happens that the browser sends two or more requests to the web server almost simultaneously
because of embedded images in the RP web page. The tomcat plugin only stores the last request
for restoration once a valid SAML token is presented. In such cases it can happen that the
last request is not the URL of the web page, but of an image. If the user logs in to the IDP
and is redirected back to the RP, he/she does not see the web page but a single image instead.
> By using unique generated ID from the wctx each request could be restored correctly and
individually, thus solving this issue.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message