Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-8803

AbstractLoginModule and subclasses: successful commit must not clear state information required for successful logout

    XMLWordPrintableJSON

    Details

      Description

      while working OAK-8710 in noticed that the main reason for the initial patch not work was the fact that subclasses of {AbstractLoginModule call clearState upon successful commit. this essentially clears all state information that is needed for a successful logout later on.... on the other hand it is crucial that subclasses of AbstractLoginModule close the system-session that was used for looking up principals during the commit phase.

      proposed fix: add protected closeSystemSession method that can be used instead of clearState upon successful commit, leaving the clearState only for those cases where commit fails or abort is called, which require the complete state the be wiped out.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                angela Angela Schreiber
                Reporter:
                angela Angela Schreiber
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: