geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shenghao Fang (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (GERONIMO-5738) The value of HttpServletRequest.getRemoteUser()&getUserPrincipal() should be null after HttpServletRequest.logout() invokes
Date Tue, 07 Jun 2011 07:04:59 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-5738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Shenghao Fang resolved GERONIMO-5738.
-------------------------------------

    Resolution: Fixed
    Regression: [Regression]

Patch has been committed.

> The value of HttpServletRequest.getRemoteUser()&getUserPrincipal() should be null
after HttpServletRequest.logout() invokes
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-5738
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5738
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 3.0
>            Reporter: LiWenQin
>            Assignee: Shenghao Fang
>            Priority: Minor
>             Fix For: 3.0
>
>         Attachments: GERONIMO-5738-Tomcat.patch, ServletException-JETTY.txt, tomcat-getRemoteUser(),getUserPrincipal()-ERROR.png
>
>
> Run the testsuite\javaee6-testsuite\servlet3.0-security-test of G3.0.
> 1 test fails because of the value of HttpServletRequest.getRemoteUser()&getUserPrincipal()
are NOT null (in fact , values are both "george")after HttpServletRequest.logout() invokes.
> Since the value should be null according to the HttpServletRequest API, it is a bug needs
to fix on server.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message