[
https://issues.apache.org/jira/browse/SLING-1270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Felix Meschberger resolved SLING-1270.
--------------------------------------
Resolution: Fixed
Finally resolving this issue after changing some comments in Rev. 989912.
> Replace Session.logout from SlingMainServlet
> --------------------------------------------
>
> Key: SLING-1270
> URL: https://issues.apache.org/jira/browse/SLING-1270
> Project: Sling
> Issue Type: Task
> Components: Engine
> Affects Versions: Engine 2.0.6
> Reporter: Felix Meschberger
> Assignee: Felix Meschberger
> Fix For: Engine 2.1.0
>
>
> The new Commons Auth bundle from SLING-966 registers a ServletRequestListener
> to be informed when the request has terminated and the session may be logged
> out. Currently, the Http Service implementation does not support such
> listeners and the session may not be logged out at all.
> As a workaround the Commons Auth bundle implements a Java VM finalize()
> method to try to ensure logging the session out.
> As a further workaround the SlingMainServlet should - in a finally clause -
> logout the session of the request's resource resolver.
> The SlingMainServlet configuration should be removed as soon as we can
> reasonably be sure of ServletRequestListener support.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
