Oved Ourfali has submitted this change and it was merged.
Change subject: restapi: Forget HTTP session after invalidate
......................................................................
restapi: Forget HTTP session after invalidate
Currently when the RESTAPI receives a request that contains a valid
session identifier, but that doesn't require persistent authentication
we invalidate the session. This is correct, but we also try to use that
invalidated session later, which generates exceptions. To avoid that
this patch makes sure that when the session is invalidated the variable
that references it is also set to null.
Change-Id: I88dcd37f80eb1fa85aa0441c3cbdfed18e84d5f3
Bug-Url:
https://bugzilla.redhat.com/1091371
Signed-off-by: Juan Hernandez <juan.hernandez(a)redhat.com>
(cherry picked from commit 638ec287b306c04ffbac7ba6122364d5b015e4ae)
---
M
backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
1 file changed, 2 insertions(+), 0 deletions(-)
Approvals:
Juan Hernandez: Verified; Looks good to me, approved
--
To view, visit
http://gerrit.ovirt.org/27165
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I88dcd37f80eb1fa85aa0441c3cbdfed18e84d5f3
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-3.4
Gerrit-Owner: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourfali(a)redhat.com>
Gerrit-Reviewer: automation(a)ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server