tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 9077] - SingleSignOn and session invalidate
Date Tue, 25 Nov 2003 02:43:52 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9077>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9077

SingleSignOn and session invalidate





------- Additional Comments From b_stansberry@hotmail.com  2003-11-25 02:43 -------
Attached patch adapts Luke Nelson's patch (Thanks Luke!) for TC 5.

Of 3 issues Luke mentions, 3rd is not relevant to TC5 as TC 5 code already had 
a valid algorithm for removing a single session from the SSO entry.

Attached also updates StandardSession for 2 reasons:

1) Unlike other similar methods in the class, TC 5's 
StandardSession.getLastAccessedTime() used field isValid to check for session 
validity instead of calling isValid().  isValid() will return true during 
session expiration, allowing SessionEventHandlers to access the session during 
shutdown.  The SingleSignOn patch needs to access getLastAccessedTime() during 
the session expiration process.

2) The key to the LocalStrings.properties file used in getLastAccessedTime() 
did not match the properties file.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message