Announcement Announcement Module
No announcement yet.
invalidate-flex-session - missing? Or error in documentation? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • invalidate-flex-session - missing? Or error in documentation?

    Hi Jeremy (and others),

    I saw "invalidate-flex-session" referenced in the docs in section 6.2.4 under "secured configuration attributes" Ref. 6.2.4; however, I can't find this in the actual Spring Flex 1.5 code in SVN. Is this a doc bug (this attribute has been removed), or a reference to something that hasn't been implemented yet?


  • #2
    Ahh, yes I think that is a mistake in the docs.

    Would you mind opening a Jira to track it?

    I think what we'll end up with in the final release is something more like "invalidate-http-session", which would ultimately end up propagating through to Spring Security's gout.SecurityContextLogoutHandler. That functionality is only partially implemented at the moment, as evidenced by its presence in org.springframework.flex.security3.SecurityConfigu rationPostProcessor but not in the LoginCommand nor the XML namespace parsing.