At 11:02 PM 9/20/2004 +, Jan.Luehe wrote
I've restored the previous version. Maybe
SessionEvent.getData() could have differentiated between session
expiration and session invalidation, so we would not have to determine
the cause of the SESSION_DESTROYED_EVENT by comparing
getLastAccessedTime()
Hi Jan,
At 11:02 PM 9/20/2004 +, you wrote:
luehe 2004/09/16 11:18:41
Modified:catalina/src/share/org/apache/catalina/authenticator
SingleSignOn.java
Log:
- Removed deregister(String ssoid), because it is no longer needed
(used to be called when session
of a session would not cause other sessions to be invalidated.)
Best,
Brian Stansberry
- Replaced call to removeSession(String, Session) with
deregister(String, Session), which is identical, and removed
removeSession(String, Session) because it is no longer needed
Revision ChangesPath
1.18
if there was any interest in committing that patch to TC 4.1 before
the next release. If there is, I'll update it so it doesn't conflict with what Mark
just committed (and anything else committed since I posted it). If there's no
interest, I'll go Christmas shopping instead ;-)
Best,
Brian Stansberry
would be happy to commit it. However, I
wouldn't want your work on the patch to distract you from your Christmas
shopping ;)
Thanks; will do. Anything to get out of going to the mall!
Best,
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax:(510) 797-3005
authorization handling, it
might be a good time to look into it. I'd be happy to help in such an effort if there
is any interest.
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax:(510) 797-3005
was written against the TC 5 code base. The TC 5 version on
SingleSignOn already included logic for handling session expiration's differently from
logouts, so I didn't change that. A port of this patch to TC 4 would need to address
bug 9077.
Best,
Brian Stansberry
WAN Concepts, Inc
related to session invalidation
and didn't notice it in the diff. :(
Since the logout feature no longer is there, this means bug 9077 still applies to
TC5. Is anyone aware of any issue with the proposed patch attached to that bug?
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510
an
IllegalStateException for a call to getLastAccessedTime(). It looks as if the
exception throw was added in response to bug 15967, which stated that the javadoc
does specify the exception, but I'm looking at the javadoc for both Servlet 2.3 and
2.4, and in both cases it's not specified.
Brian
At 02:08 PM 11/24/2003 -0500, you wrote:
Brian Stansberry wrote:
BTW, the javadoc for javax.servlet.http.HttpSession doesn't specify throwing an
IllegalStateException for a call to getLastAccessedTime(). It looks as if the
exception throw was added in response to bug 15967, which stated
At 08:21 PM 11/24/2003 +0100, Remy wrote:
Brian Stansberry wrote:
At 11:56 AM 11/24/2003 -0600, Luke Nelson wrote:
I have tried applying the patch, and I found three problems with
it. First, its removal of a session from the SingleSignOnEntry
object causes an IndexOutOfBounds exception. Second
) PersistentValve.isSessionStale()
Or we can hope the final spec matches the JSR154-PFD3 javadoc, and not the J2EE1.4
docs on the Sun site ;-)
Any thoughts?
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax:(510) 797-3005
be fixed in 5.0.15.
TC 5 version of patch tested posted to bug 9077. Thanks Luke! Turns out the issue
with the IllegalStateException was easily solved; my note attached to the bug report
explains.
Best,
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax
some minor tweaks to
optimize for embedding in JBoss.
Best,
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax:(510) 797-3005
At 04:27 PM 11/21/2003 -0600, you wrote:
I believe that I have found a problem with the SingleSignOn valve, and
the Principal
14 matches
Mail list logo