You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Jason Lotz <ja...@gmail.com> on 2009/06/17 05:24:50 UTC
SPRING_SECURITY_CONTEXT still in session even after server restart
Environment - Tomcat 5.5, Ubuntu 9.04, Tapestry 5.1, Spring Security
Framework 2.0.4
Note that this does not seem to happen under Windows deployments.
Everything in the application works fine under normal circumstances. When a
user successfully logs in, the session has a few objects added to it,
including the expect SPRING_SECURITY_CONTEXT object as well as some things
we want to save there as well. After the server is restarted, everything is
gone from the session (naturally) but the SPRING_SECURITY_CONTEXT object
remains alive and well in the session.
Can anyone explain this behavior? Extra credit if you can explain why this
isn't happening in Windows.
Jason
Re: SPRING_SECURITY_CONTEXT still in session even after server
restart
Posted by Jason Lotz <ja...@gmail.com>.
Ah, interesting. This sounds like the culprit.
Thanks!
Jason
On Wed, Jun 17, 2009 at 12:17 AM, Kalle Korhonen <kalle.o.korhonen@gmail.com
> wrote:
> By default, Tomcat tries to store sessions on disk. Other than the
> SPRING_SECURITY_CONTEXT object you didn't have serializable objects in
> your application. On Windows, saveOnRestart is turned off
> (http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html) or
> security prevents writing the data to a file. Just guessing of course.
>
Re: SPRING_SECURITY_CONTEXT still in session even after server
restart
Posted by Kalle Korhonen <ka...@gmail.com>.
By default, Tomcat tries to store sessions on disk. Other than the
SPRING_SECURITY_CONTEXT object you didn't have serializable objects in
your application. On Windows, saveOnRestart is turned off
(http://tomcat.apache.org/tomcat-5.5-doc/config/manager.html) or
security prevents writing the data to a file. Just guessing of course.
Kalle
On Tue, Jun 16, 2009 at 8:24 PM, Jason Lotz<ja...@gmail.com> wrote:
> Environment - Tomcat 5.5, Ubuntu 9.04, Tapestry 5.1, Spring Security
> Framework 2.0.4
>
> Note that this does not seem to happen under Windows deployments.
>
> Everything in the application works fine under normal circumstances. When a
> user successfully logs in, the session has a few objects added to it,
> including the expect SPRING_SECURITY_CONTEXT object as well as some things
> we want to save there as well. After the server is restarted, everything is
> gone from the session (naturally) but the SPRING_SECURITY_CONTEXT object
> remains alive and well in the session.
>
> Can anyone explain this behavior? Extra credit if you can explain why this
> isn't happening in Windows.
>
> Jason
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org