You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2003/12/27 20:21:15 UTC
[PATCH - Proposed] Bug 10526
All,
Looking at bug 10526 (http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10526)
the patch below is proposed as the fix. Is there any reason not to apply it? I
had a look at the spec for both sessions and authentication and couldn't see
anything that would prevent it.
Thanks in advance for any advice,
Mark
Index:
catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/aut
henticator/AuthenticatorBase.java,v
retrieving revision 1.15
diff -u -r1.15 AuthenticatorBase.java
---
catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java 11
Dec 2003 05:50:39 -0000 1.15
+++
catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java 27
Dec 2003 19:09:42 -0000
@@ -864,7 +864,7 @@
request.setAuthType(authType);
request.setUserPrincipal(principal);
- Session session = getSession(request, false);
+ Session session = getSession(request, true);
// Cache the authentication information in our session, if any
if (cache) {
if (session != null) {
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Re: [PATCH - Proposed] Bug 10526
Posted by Bill Barker <wb...@wilshire.com>.
----- Original Message -----
From: "Remy Maucherat" <re...@apache.org>
To: "Tomcat Developers List" <to...@jakarta.apache.org>
Sent: Saturday, December 27, 2003 12:45 PM
Subject: Re: [PATCH - Proposed] Bug 10526
> Mark Thomas wrote:
> > All,
> >
> > Looking at bug 10526
(http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10526)
> > the patch below is proposed as the fix. Is there any reason not to apply
it? I
> > had a look at the spec for both sessions and authentication and couldn't
see
> > anything that would prevent it.
>
> This could have some benefits in some situations, but I don't like the
> fact that there will be one session per authenticated user, regardless
> of what the application does.
>
I agree with Remy on this. However, if it was made to be a configurable
option, I'd move from -0 to +0.
> Rémy
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>
>
Re: [PATCH - Proposed] Bug 10526
Posted by Remy Maucherat <re...@apache.org>.
Mark Thomas wrote:
> All,
>
> Looking at bug 10526 (http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10526)
> the patch below is proposed as the fix. Is there any reason not to apply it? I
> had a look at the spec for both sessions and authentication and couldn't see
> anything that would prevent it.
This could have some benefits in some situations, but I don't like the
fact that there will be one session per authenticated user, regardless
of what the application does.
Rémy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org