DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=33711>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=33711 ------- Additional Comments From [EMAIL PROTECTED] 2005-02-25 12:11 ------- I tried the obvious quick solution of changing expire(false) to expire(true), but unfortunately that had a nasty side-effect. If the user is logged in to a SSO session, and is using several web apps, then if one of those web apps is undeployed, their *entire* SSO is destroyed. This means they are immediately logged out (of all the apps), and their next interaction with any of the other web apps will force them to log in again (which is obviously not what was intended). I'll keep digging and trying to follow the code base. (Out of interest, does all of the code have as few comments as this session/authentication stuff?) We've downgraded our upcoming product release to a beta (and use a single shared log instead of per webapp logging) until we figure a way to get the SSO to release the ref to the classloader. Thanks again, and please do let us know if you have any ideas for how to change this SSO behaviour. BTW - Is there a tomcat test suite I should be using so that I know if I have broken anything while I look at this issue? Being new to the tomcat code, I'm quite wary of breaking stuff via strange side-effects. Cheers, Kev -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
