Ticket #1068 (closed issue: wontfix)

Opened 10 years ago

Last modified 10 years ago

[S] Session Manager and stale cookies

Reported by: pjkersha Owned by: pjkersha
Priority: desirable Milestone:
Component: security Version:
Keywords: Cc:

Description

If an application server running Session Manager middleware is restarted a cookie can be orphaned from its server side session. The Session Manager has a CredentialRepository interface for recovering user sessions following a service restart but this requires a database plugin to be configured. This could be improved using beaker session instead giving the capability to have file based and database serialisation of sessions.

Change History

comment:1 Changed 10 years ago by pjkersha

  • Status changed from new to closed
  • Resolution set to wontfix

Session Manager not required in current security configuration. Attribute Certificates are no longer cached at the IdP.

Note: See TracTickets for help on using tickets.