You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Kalle Korhonen (JIRA)" <ji...@apache.org> on 2010/10/28 11:18:14 UTC
[jira] Updated: (SHIRO-60) Standalone environment - automatically
create new session after expiration
[ https://issues.apache.org/jira/browse/SHIRO-60?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kalle Korhonen updated SHIRO-60:
--------------------------------
Fix Version/s: (was: 1.1.0)
1.2.0
> Standalone environment - automatically create new session after expiration
> --------------------------------------------------------------------------
>
> Key: SHIRO-60
> URL: https://issues.apache.org/jira/browse/SHIRO-60
> Project: Shiro
> Issue Type: Improvement
> Components: Session Management
> Affects Versions: 1.0.0
> Reporter: Les Hazlewood
> Assignee: Les Hazlewood
> Fix For: 1.2.0
>
>
> Per this thread: http://markmail.org/thread/4tl42fnjdaztpbso
> In a non-web environment, it would be nice if the SecurityManager would automatically/transparently create a new Session for a subject if their existing session expires. The web environment already works this way.
> It would probably be best if there were a securityManager configuration attribute, say 'createNewSessionAfterExpiration' (or something similar) that would enable this feature.
> I'm thinking it should be enabled by default, as I assume the large majority of application developers wouldn't want to catch InvalidSessionException in their code. It could be disabled by using the aforementioned config attribute.
> The DefaultWebSecurityManager could just piggyback the same logic, simplifying its code (and its internal delegate WebSessionManager).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.