[
https://issues.apache.org/jira/browse/KI-60?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alan Cabrera moved JSEC-46 to KI-60:
------------------------------------
Fix Version/s: (was: 1.0)
Component/s: (was: Session Management)
Affects Version/s: (was: 1.0)
Key: KI-60 (was: JSEC-46)
Project: Ki (was: JSecurity)
> Standalone environment - automatically create new session after expiration
> --------------------------------------------------------------------------
>
> Key: KI-60
> URL: https://issues.apache.org/jira/browse/KI-60
> Project: Ki
> Issue Type: Improvement
> Reporter: Les Hazlewood
> Assignee: Les Hazlewood
>
> Per this thread: http://markmail.org/thread/4tl42fnjdaztpbso
> In a non-web environment, it would be nice if the SecurityManager would
> automatically/transparently create a new Session for a subject if their
> existing session expires. The web environment already works this way.
> It would probably be best if there were a securityManager configuration
> attribute, say 'createNewSessionAfterExpiration' (or something similar) that
> would enable this feature.
> I'm thinking it should be enabled by default, as I assume the large majority
> of application developers wouldn't want to catch InvalidSessionException in
> their code. It could be disabled by using the aforementioned config
> attribute.
> The DefaultWebSecurityManager could just piggyback the same logic,
> simplifying its code (and its internal delegate WebSessionManager).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
