Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.10.1, 3.0.1
Affects Version/s: 2.9.2
Component/s: None
Labels:

Bug Fix Policy:
View Atlassian Server bug fix policy

Description

People ran into problems because we started invalidating the session on logout in 2.9.2. They expect certain session attributes like the seraph LOGGED_OUT_KEY to be present.

This means we need to remove all session attributes except some special attributes like the seraph ones. The other option would be to only remove critical attributes like the users history from the session and leave it untouched otherwise. But I would rather go for the first approach, and remove as much data from the session as possible to avoid privacy issue created by future code.

Attachments

Issue Links

is caused by

CONFSERVER-11324 Session isn't invalidated on logout

Closed

Activity

People

Assignee:: Andrew Lynch (Inactive)

Reporter:: Chris Kiehl

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 13/Nov/2008 3:49 AM

Updated:: 11/Oct/2018 9:01 AM

Resolved:: 18/Jun/2009 7:12 AM