On 23/11/2021 20:42, Michael B Allen wrote:
On Tue, Nov 23, 2021 at 2:59 PM Thomas Hoffmann (Speed4Trade GmbH)
<thomas.hoffm...@speed4trade.com.invalid> wrote:
Short Addendum:
The "destroyed" flag gets set, when the dispose-method of the GSSCredentialImpl
was invoked.
Currently, I have no clue when and how it happens, but I have seen this problem
every few months.
So it is only occurring sometimes. Maybe if the Kerberos ticket expires and the
http session is still alive (?)
Nevertheless, the application should be able to recover from this situation and handles
it like "not authenticated".
So as suspected it may actually be an invalid credential that maybe
Tomcat had a hand in. If Tomcat disposed the credential and then
subsequently tried to use it for any reason, that would be "invalid".
So that might warrant investigation before submitting a bug report.
That might be possible.
Tomcat calls dispose when the user explicitly logs out or the session
expires. The OP is using http2 so parallel requests are likely.
I'll look into this some more.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
