You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Les Hazlewood (JIRA)" <ji...@apache.org> on 2010/05/07 23:15:53 UTC

[jira] Updated: (SHIRO-60) Standalone environment - automatically create new session after expiration

     [ https://issues.apache.org/jira/browse/SHIRO-60?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Les Hazlewood updated SHIRO-60:
-------------------------------

        Fix Version/s: 1.1.0
    Affects Version/s: 1.0.0
          Component/s: Session Management

Postponing this to 1.1 due to criticality of the 1.0 release (pending mailing list override):

http://shiro-developer.582600.n2.nabble.com/Re-How-do-you-want-session-auto-re-creation-after-expiration-to-work-td5021448.html

> Standalone environment - automatically create new session after expiration
> --------------------------------------------------------------------------
>
>                 Key: SHIRO-60
>                 URL: https://issues.apache.org/jira/browse/SHIRO-60
>             Project: Shiro
>          Issue Type: Improvement
>          Components: Session Management
>    Affects Versions: 1.0.0
>            Reporter: Les Hazlewood
>            Assignee: Les Hazlewood
>             Fix For: 1.1.0
>
>
> Per this thread:  http://markmail.org/thread/4tl42fnjdaztpbso
> In a non-web environment, it would be nice if the SecurityManager would automatically/transparently create a new Session for a subject if their existing session expires.  The web environment already works this way.
> It would probably be best if there were a securityManager configuration attribute, say 'createNewSessionAfterExpiration' (or something similar) that would enable this feature.
> I'm thinking it should be enabled by default, as I assume the large majority of application developers wouldn't want to catch InvalidSessionException in their code.  It could be disabled by using the aforementioned config attribute.
> The DefaultWebSecurityManager could just piggyback the same logic, simplifying its code (and its internal delegate WebSessionManager).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.