At 11:02 PM 9/20/2004 +, Jan.Luehe wrote
I've restored the previous version. Maybe
SessionEvent.getData() could have differentiated between session
expiration and session invalidation, so we would not have to determine
the cause of the SESSION_DESTROYED_EVENT by comparing
getLastAccessedTime()
Hi Jan,
At 11:02 PM 9/20/2004 +, you wrote:
luehe 2004/09/16 11:18:41
Modified:catalina/src/share/org/apache/catalina/authenticator
SingleSignOn.java
Log:
- Removed deregister(String ssoid), because it is no longer needed
(used to be called when session w
his patch, since the
time out of a session would not cause other sessions to be invalidated.)
Best,
Brian Stansberry
- Replaced call to removeSession(String, Session) with
deregister(String, Session), which is identical, and removed
removeSession(String, Session) because it is no longer need
4.1 patch I would be happy to commit it. However, I
>wouldn't want your work on the patch to distract you from your Christmas
>shopping ;)
Thanks; will do. Anything to get out of going to the mall!
Best,
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x
.
I was wondering if there was any interest in committing that patch to TC 4.1 before
the next release. If there is, I'll update it so it doesn't conflict with what Mark
just committed (and anything else committed since I posted it). If there's no
interest, I'll go Chris
l w/ the Servlet 2.4 authorization handling, it
might be a good time to look into it. I'd be happy to help in such an effort if there
is any interest.
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
F
>Otherwise, the issue won't be fixed in 5.0.15.
TC 5 version of patch tested posted to bug 9077. Thanks Luke! Turns out the issue
with the IllegalStateException was easily solved; my note attached to the bug report
explains.
Best,
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
n.
1) JDBCStore.save()
2) ManagerBase.getLastAccessedTime()
3) PersistentValve.isSessionStale()
Or we can hope the final spec matches the JSR154-PFD3 javadoc, and not the J2EE1.4
docs on the Sun site ;-)
Any thoughts?
Brian Stansberry
WAN Concepts, Inc.
www.wanco
At 08:21 PM 11/24/2003 +0100, Remy wrote:
>Brian Stansberry wrote:
>>At 11:56 AM 11/24/2003 -0600, Luke Nelson wrote:
>>
>>>I have tried applying the patch, and I found three problems with
>>>it. First, its removal of a session from the SingleSignOnEntry
>
At 02:08 PM 11/24/2003 -0500, you wrote:
>Brian Stansberry wrote:
>>
>>BTW, the javadoc for javax.servlet.http.HttpSession doesn't specify throwing an
>>IllegalStateException for a call to getLastAccessedTime(). It looks as if the
>>exception throw was added
both Servlet 2.3 and
2.4, and in both cases it's not specified.
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax:(510) 797-3005
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
moved this (otherwise, I'll reapply the fix).
No, my mistake. It didn't intend to change anything related to session invalidation
and didn't notice it in the diff. :(
Since the "logout" feature no longer is there, this means bug 9077 still applies to
TC5. Is a
hat is already pending for 9077.
No, because this patch was written against the TC 5 code base. The TC 5 version on
SingleSignOn already included logic for handling session expiration's differently from
logouts, so I didn't change that. A port of this patch to TC 4 would need to a
s has some minor tweaks to
optimize for embedding in JBoss.
Best,
Brian Stansberry
WAN Concepts, Inc.
www.wanconcepts.com
Tel:(510) 894-0114 x 116
Fax:(510) 797-3005
At 04:27 PM 11/21/2003 -0600, you wrote:
>I believe that I have found a problem with the SingleSignOn valve, and
>th
14 matches
Mail list logo
