Hello.
This security related feature can be turned off by an configuration parameter.
<Set name="securityHandler">
<New class="org.eclipse.jetty.security.ConstraintSecurityHandler">
.....
<Set name="sessionRenewedOnAuthentication">false</Set>
</New>
</Set>
Regards,
- Tore.
On Apr 16, 2011, at 22:09 , Tore Halset wrote:
> Hello.
>
> I have an application using form based login. For some strange reason we have
> some non-browser-applications using the same form based login.
>
> After upgrade from jetty 7.1.6 to 7.3.0 authentication still works from a
> normal web client, but it does not work from all of the
> non-browser-applications. This problem is caused by jetty 7.3 creating a new
> session when the user is authenticated. This is easy to fix in the clients we
> have control over, but some of them we do not have control over.
>
> It looks like this is caused by the fix of
> http://jira.codehaus.org/browse/JETTY-1281
>
> What is the reason for creating a new session on login? Is it possible to
> turn this feature off?
>
> Regards,
> - Tore.
> _______________________________________________
> jetty-users mailing list
> [email protected]
> https://dev.eclipse.org/mailman/listinfo/jetty-users
>
_______________________________________________
jetty-users mailing list
[email protected]
https://dev.eclipse.org/mailman/listinfo/jetty-users
