[jira] [Created] (SHIRO-633) Remove HttpSession attributes when invalidated

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[jira] [Created] (SHIRO-633) Remove HttpSession attributes when invalidated

JIRA jira@apache.org
Michael Pusterhofer created SHIRO-633:
-----------------------------------------

             Summary: Remove HttpSession attributes when invalidated
                 Key: SHIRO-633
                 URL: https://issues.apache.org/jira/browse/SHIRO-633
             Project: Shiro
          Issue Type: Bug
          Components: Session Management
         Environment: 4.11.9-1-ARCH x86_64 GNU/Linux

            Reporter: Michael Pusterhofer


When calling logout the HttpSession does not remove the attributes added throughout the session. This results in the HttpSession not being valid after the logout longer valid and the RAP application to wait forever, due to the HttpSessionBindingListener not being called.

The problem can be found in the  [RAP forum|https://www.eclipse.org/forums/index.php/t/1087620/]



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Loading...