All,
Looking at bug 10526 (http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10526)
the patch below is proposed as the fix. Is there any reason not to apply it? I
had a look at the spec for both sessions and authentication and couldn't see
anything that would prevent it.
Thanks in advance for any advice,
Mark
Index:
catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/aut
henticator/AuthenticatorBase.java,v
retrieving revision 1.15
diff -u -r1.15 AuthenticatorBase.java
---
catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java 11
Dec 2003 05:50:39 -0000 1.15
+++
catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java 27
Dec 2003 19:09:42 -0000
@@ -864,7 +864,7 @@
request.setAuthType(authType);
request.setUserPrincipal(principal);
- Session session = getSession(request, false);
+ Session session = getSession(request, true);
// Cache the authentication information in our session, if any
if (cache) {
if (session != null) {
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
