You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ignite.apache.org by "Denis Magda (JIRA)" <ji...@apache.org> on 2016/01/08 14:20:39 UTC

[jira] [Created] (IGNITE-2344) WebSessionFilter doesn't support session ID renewal

Denis Magda created IGNITE-2344:
-----------------------------------

             Summary: WebSessionFilter doesn't support session ID renewal
                 Key: IGNITE-2344
                 URL: https://issues.apache.org/jira/browse/IGNITE-2344
             Project: Ignite
          Issue Type: Bug
          Components: general
    Affects Versions: ignite-1.4
            Reporter: Denis Magda


It's quite a common scenario to update a session ID after a user successfully logged in preserving the session content for further usage.

Ignite's {{WebSessionFilter}} doesn't support such a use case creating a session from scratch.

To support this behavior we can store a special Cookie that will hold latest session ID. When a session is passed to {{WebSessionFilter}} and the filter detects that this is a fresh session it will check the Cookie in advance. If the Cookie exists and holds an old session ID then the filter will be able to get a session content from the cache using the old ID and put it back using the new ID.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)