You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Jan Bernhardt (JIRA)" <ji...@apache.org> on 2015/04/09 19:49:12 UTC
[jira] [Created] (FEDIZ-112) Restore Request Race Condition in
Tomcat Plugin
Jan Bernhardt created FEDIZ-112:
-----------------------------------
Summary: Restore Request Race Condition in Tomcat Plugin
Key: FEDIZ-112
URL: https://issues.apache.org/jira/browse/FEDIZ-112
Project: CXF-Fediz
Issue Type: Bug
Components: Plugin
Affects Versions: 1.1.2
Reporter: Jan Bernhardt
Assignee: Jan Bernhardt
Fix For: 1.2.0
If a active session at the RP runs into a timeout and the user refreshes this page, it sometimes happens that the browser sends two or more requests to the web server almost simultaneously because of embedded images in the RP web page. The tomcat plugin only stores the last request for restoration once a valid SAML token is presented. In such cases it can happen that the last request is not the URL of the web page, but of an image. If the user logs in to the IDP and is redirected back to the RP, he/she does not see the web page but a single image instead.
By using unique generated ID from the wctx each request could be restored correctly and individually, thus solving this issue.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)