Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-11324

Session isn't invalidated on logout

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Medium
    • 2.9.2, 2.10
    • 2.6.2, 2.7.3
    • None

    Description

      When the user logs out the HttpSession isn't invalidated.

      The important details of the logged in user and other information is correctly cleared but other properties such as user preferences are not.

      The impact is things like the label's section and location section's openness state isn't correctly loaded from the database (its read from the session which contains the value of the previously logged in user).

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-13702 Session must not be invalidated on logout

          • Medium - Medium priority issues
          • Closed
          is caused by

          Improvement - An improvement or enhancement to an existing feature or task. SER-121 Add Interceptor to Invalidate HttpSession

          • Low - Low priority issues
          • Closed

          Activity

            People

              ckiehl Chris Kiehl
              mjensen m@ (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: