https://issues.apache.org/bugzilla/show_bug.cgi?id=46738
Summary: SingleSignOn session invalidation by multiple webapp's
Product: Tomcat 6
Version: 6.0.18
Platform: PC
OS/Version: All
Status: NEW
Severity: critical
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: vladi...@vilinski.de
Hi,
I'm using SingleSignOn Valve and have multiple webapp's.
When I call session.invalidate() in one of webapp's, it only invalidates
session in this one webapp.
Citation from documentation:
"As soon as the user logs out of one web application (for example, by
invalidating the corresponding session if form based login is used), the user's
sessions in all web applications will be invalidated. Any subsequent attempt
to access a protected resource in any application will require the user to
authenticate himself or herself again."
Tomcat 6.0.18.
Java HotSpot(TM) Client VM (build 10.0-b23, mixed mode, sharing)
Best Regards, Vilinski
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
