Brian Moseley wrote:
it would be preferable, i think, if AnonymousProcessingFilter had a
parameter that controlled whether or not sessions can be created.
thoughts?
Thanks for reporting this, Brian.
I went about resolving it differently from suggested, in order to
maintain encapsulation of session management as greatly as possible
within HttpSessionContextIntegrationFilter. You can view the JIRA issue
which explains what was changed at
http://opensource2.atlassian.com/projects/spring/browse/SEC-183.
Best regards
Ben
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
