You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/07/19 14:32:30 UTC

DO NOT REPLY [Bug 28709] - javax.servlet.http.HttpServletRequest.isRequestedSessionIdValid() returns true for an invalidated session!

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=28709>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28709

javax.servlet.http.HttpServletRequest.isRequestedSessionIdValid() returns true for an invalidated session!

remm@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From remm@apache.org  2004-07-19 12:32 -------
The issue affecting named dispatcher has been fixed (no wrapping was done
previously, so cross context sessions couldn't be handled properly). For the
rest, we won't fix it for now.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org