Details
-
Bug
-
Resolution: Done
-
Minor
-
JBossAS-4.0.5.GA, JBossAS-4.2.0.GA, JBossAS-4.2.1.GA, JBossAS-4.2.2.GA, JBossAS-5.0.0.Beta4
-
None
Description
From SingleSignOnEntry.removeSession(...)
boolean removed = false;
Session[] nsessions = new Session[sessions.length - 1];
...
sessions = nsessions;
// Only if we removed a session, do we replace our session list
if (removed)
sessions = nsessions;
The line above the final if test defeats the purpose of the if test and sets sessions to an empty Session[].
Minor problem because the "if (removed)" guard is just a safety check; in practice should return true whenever method is invoked.
Attachments
Issue Links
- relates to
-
JBAS-5609 ClusteredSingleSignOn cannot handle cross-context apps with same session id
- Closed