ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Denis Magda (JIRA)" <j...@apache.org>
Subject [jira] [Created] (IGNITE-2344) WebSessionFilter doesn't support session ID renewal
Date Fri, 08 Jan 2016 13:20:39 GMT
Denis Magda created IGNITE-2344:

             Summary: WebSessionFilter doesn't support session ID renewal
                 Key: IGNITE-2344
                 URL: https://issues.apache.org/jira/browse/IGNITE-2344
             Project: Ignite
          Issue Type: Bug
          Components: general
    Affects Versions: ignite-1.4
            Reporter: Denis Magda

It's quite a common scenario to update a session ID after a user successfully logged in preserving
the session content for further usage.

Ignite's {{WebSessionFilter}} doesn't support such a use case creating a session from scratch.

To support this behavior we can store a special Cookie that will hold latest session ID. When
a session is passed to {{WebSessionFilter}} and the filter detects that this is a fresh session
it will check the Cookie in advance. If the Cookie exists and holds an old session ID then
the filter will be able to get a session content from the cache using the old ID and put it
back using the new ID.

This message was sent by Atlassian JIRA

View raw message