On Sep 23, 2008, at 10:59 AM, Aaron Evans wrote:
Does anyone know how to configure this feature?
https://issues.apache.org/jira/browse/JS2-712
Basically, it makes it so that if a client browser re-posts to the
login URI with some different credentials, the old session is turfed
and a new one created...
thanks in advance,
aaron
JS2-712 has been available since 2.1.2.
Its configured in administration.xml, see constructor argument 0,
defaulted to false. You will need to set it to true
<bean
id
='org.apache.jetspeed.administration.PortalAuthenticationConfiguration'
class
=
'org
.apache.jetspeed.administration.PortalAuthenticationConfigurationImpl'>
<!-- create new session upon authentication -->
<constructor-arg index='0'>
<value>false</value>
</constructor-arg>
<!-- hard session timeout limit in seconds, regardless of
(in)activity, setting to 0 turns off this feature
note:this feature should be used with 'create new session upon
authentication' feature
-->
<constructor-arg index='1'>
<value>0</value>
</constructor-arg>
<!-- redirect location for hard session expiration -->
<constructor-arg index='2'>
<value>/login/logout</value>
</constructor-arg>
</bean>
Give it a try and let me know if that is what you need. I didn't seem
to close the issue upon completing it
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
