[
https://issues.apache.org/jira/browse/ISIS-1447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15335573#comment-15335573
]
ASF subversion and git services commented on ISIS-1447:
-------------------------------------------------------
Commit 93773e69dadc4c64450b8483aba9ce6a55245734 in isis's branch
refs/heads/master from [~danhaywood]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=93773e6 ]
ISIS-1447: disables behaviour that (we believe) may cause 500 errors for
Restful Objects server (Shiro authentication).
As per http://markmail.org/message/hsjljwgkhhrzxbrm, we believe that the
auto-logout behaviour within the IsisSessionFilter for Restful Objects, if
configured to use Shiro, may result in a 500 errors in certain race conditions.
This commit removes this auto-logout behaviour (simply continue to use the
existing Shiro credentials). The original behaviour can be reinstated using a
new configuration parameter.
> Avoid possible race-condition resulting in 500 errors under the Restful
> Objects viewer
> --------------------------------------------------------------------------------------
>
> Key: ISIS-1447
> URL: https://issues.apache.org/jira/browse/ISIS-1447
> Project: Isis
> Issue Type: Improvement
> Components: Core: Security: Shiro
> Affects Versions: 1.12.2
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Fix For: 1.13.0
>
>
> As per http://markmail.org/message/hsjljwgkhhrzxbrm
> Instead, auto-logout if find that session is already authenticated.
> In case this new approach introduces more problems than it resolves, allow
> the the current (occasionally broken) behaviour to be re-enabled using a
> configuration parameter.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
