What does your session initialization code look like?
Joakim Erdfelt / [email protected] On Tue, May 2, 2017 at 9:00 AM, Chelsey Morgeson <[email protected]> wrote: > Hello all, > > My team is responsible for developing network monitoring software that > uses Jetty for our user interface. We have recently upgraded from > Jetty 9.3.0.v20150612 to 9.4.2.v20170220, which of course had major changes > in the session management. The only required changes that we saw necessary > were replacing the old HashSessionIdManager with the new > DefaultSessionIdManager, and removing the old HashSessionManager since it > no longer exists. We are also using a HashLoginService for authentication. > > Unfortunately, after this upgrade our authentication mechanism no longer > works. The login screen appears correctly when the realm file is present, > and debugging the process shows that inputting the correct username and > password does return a 303 as expected from the authentication endpoint, > but once Jetty redirects to our user interface's homepage, the user is once > again redirected to the login screen because the homepage returned a 303 as > well. No error is encountered and the JSESSIONID cookie is stored as if > things were working as expected, so I am hoping someone more familiar with > the product may have some insight as to what could cause this. Again, > everything worked fine before the Jetty upgrade. > > Thanks in advance, > Chelsey > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
