Details
-
Bug
-
Resolution: Done
-
Major
-
10.0.0.CR4
-
None
Description
The distributed SSO implementation stores a map of sessions using the session ID. If the user changes the session ID, this reference is never changed. Consequently, subsequent calls to SingleSignOn.getSession(SessionManager) will return null.
Attachments
Issue Links
- is cloned by
-
JBEAP-1877 HttpServletRequest.changeSessionId() doesn't reassociate session ID with distributed SSO
- Closed