Session isn't invalidated on logout

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Medium
    • 2.9.2, 2.10
    • Affects Version/s: 2.6.2, 2.7.3
    • Component/s: None

      When the user logs out the HttpSession isn't invalidated.

      The important details of the logged in user and other information is correctly cleared but other properties such as user preferences are not.

      The impact is things like the label's section and location section's openness state isn't correctly loaded from the database (its read from the session which contains the value of the previously logged in user).

            Assignee:
            Chris Kiehl
            Reporter:
            m@ (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: