[
https://issues.apache.org/jira/browse/SLING-4301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Carsten Ziegeler resolved SLING-4301.
-------------------------------------
Resolution: Won't Fix
> Support user.jcr.session.logout option for the jcr resource provider
> --------------------------------------------------------------------
>
> Key: SLING-4301
> URL: https://issues.apache.org/jira/browse/SLING-4301
> Project: Sling
> Issue Type: Improvement
> Components: JCR
> Reporter: Alexander Klimetschek
> Priority: Major
> Attachments: SLING-4301.patch
>
>
> Add a new AuthenticationInfo option {{user.jcr.session.logout}} that if set
> to true would automatically close the session passed via {{user.jcr.session}}
> at the end of the request.
> Purpose: As discussed on the
> [list|http://sling.markmail.org/thread/ceshw42z63r4bu7i], when using
> [user.jcr.session|http://sling.apache.org/apidocs/sling6/org/apache/sling/jcr/resource/JcrResourceConstants.html#AUTHENTICATION_INFO_SESSION]
> to pass a session created by an AuthenticationHandler itself, this is
> currently never closed (since the original use case for it comes from
> somewhere else where this wasn't required). The only way to use it from an
> AuthenticationHandler is to also implement a ServletFilter that tracks it and
> closes the session "manually" at the end of the request, which is bad since
> this would create another servlet filter for each authentication handler that
> wishes to use this.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
