svn commit: r1646717 - /tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java

Fri, 19 Dec 2014 05:44:17 -0800 

Author: markt
Date: Fri Dec 19 13:43:21 2014
New Revision: 1646717

URL: http://svn.apache.org/r1646717
Log:
SSO now retains just the session ID rather than the actual session
object so there is no need to remove sessions that have been passivated.

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java

Modified: tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java?rev=1646717&r1=1646716&r2=1646717&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java Fri 
Dec 19 13:43:21 2014
@@ -214,8 +214,7 @@ public class SingleSignOn extends ValveB
         }
 
         // We only care about session destroyed events
-        if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType())
-                && 
(!Session.SESSION_PASSIVATED_EVENT.equals(event.getType()))) {
+        if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType())) {
             return;
         }
 
@@ -231,14 +230,13 @@ public class SingleSignOn extends ValveB
             return;
         }
 
-        // Was the session destroyed as the result of a timeout?
-        // If so, we'll just remove the expired session from the
-        // SSO.  If the session was logged out, we'll log out
-        // of all session associated with the SSO.
+        // Was the session destroyed as the result of a timeout or context 
stop?
+        // If so, we'll just remove the expired session from the SSO. If the
+        // session was logged out, we'll log out of all session associated with
+        // the SSO.
         if (((session.getMaxInactiveInterval() > 0)
             && (System.currentTimeMillis() - 
session.getThisAccessedTimeInternal() >=
                 session.getMaxInactiveInterval() * 1000))
-            || (Session.SESSION_PASSIVATED_EVENT.equals(event.getType()))
             || (!session.getManager().getContext().getState().isAvailable())) {
             removeSession(ssoId, session);
         } else {



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to