Announcement Announcement Module
Collapse
No announcement yet.
Change to HttpSessionContextIntegrationFilter in 0.8.1 Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Change to HttpSessionContextIntegrationFilter in 0.8.1

    I saw this in the changelog for 0.8.1

    """
    HttpSessionContextIntegrationFilter now handles HttpSession invalidation without redirection
    """

    and am wondering exactly what it means. I am currently running 0.8.0 and use HttpSession.invalidate() as part of the logout process.

    Any more info available?

    Thanks,

    Miguel

  • #2
    In 0.8.0, the absence of a redirection after session invalidation would cause the FilterChain to continue, and there was a bug which caused the HttpSession to be re-created and the current ContextHolder copied into it. People who redirected didn't see this behaviour, as the FilterChain did not continue.

    It's fixed in 0.8.1.

    Comment

    Working...
    X