[ https://issues.apache.org/jira/browse/SLING-1270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797052#action_12797052 ]
Felix Meschberger commented on SLING-1270: ------------------------------------------ Committed temporary session logout in the SlingMainServlet in Rev. 896372. > Replace Session.logout from SlingMainServlet > -------------------------------------------- > > Key: SLING-1270 > URL: https://issues.apache.org/jira/browse/SLING-1270 > Project: Sling > Issue Type: Task > Components: Engine > Affects Versions: Engine 2.0.6 > Reporter: Felix Meschberger > Assignee: Felix Meschberger > Fix For: Engine 2.1.0 > > > The new Commons Auth bundle from SLING-966 registers a ServletRequestListener > to be informed when the request has terminated and the session may be logged > out. Currently, the Http Service implementation does not support such > listeners and the session may not be logged out at all. > As a workaround the Commons Auth bundle implements a Java VM finalize() > method to try to ensure logging the session out. > As a further workaround the SlingMainServlet should - in a finally clause - > logout the session of the request's resource resolver. > The SlingMainServlet configuration should be removed as soon as we can > reasonably be sure of ServletRequestListener support. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.