ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Denis Magda (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (IGNITE-2344) WebSessionFilter doesn't support session ID renewal
Date Fri, 08 Jan 2016 13:21:39 GMT

    [ https://issues.apache.org/jira/browse/IGNITE-2344?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15089193#comment-15089193
] 

Denis Magda commented on IGNITE-2344:
-------------------------------------

The ticket was created as a result of this discussion
http://apache-ignite-users.70518.x6.nabble.com/Web-app-with-CMS-td2414.html

> WebSessionFilter doesn't support session ID renewal
> ---------------------------------------------------
>
>                 Key: IGNITE-2344
>                 URL: https://issues.apache.org/jira/browse/IGNITE-2344
>             Project: Ignite
>          Issue Type: Bug
>          Components: general
>    Affects Versions: ignite-1.4
>            Reporter: Denis Magda
>
> It's quite a common scenario to update a session ID after a user successfully logged
in preserving the session content for further usage.
> Ignite's {{WebSessionFilter}} doesn't support such a use case creating a session from
scratch.
> To support this behavior we can store a special Cookie that will hold latest session
ID. When a session is passed to {{WebSessionFilter}} and the filter detects that this is a
fresh session it will check the Cookie in advance. If the Cookie exists and holds an old session
ID then the filter will be able to get a session content from the cache using the old ID and
put it back using the new ID.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message