Juan Hernandez has submitted this change and it was merged. Change subject: restapi: Forget HTTP session after invalidate ...................................................................... restapi: Forget HTTP session after invalidate Currently when the RESTAPI receives a request that contains a valid session identifier, but that doesn't require persistent authentication we invalidate the session. This is correct, but we also try to use that invalidated session later, which generates exceptions. To avoid that this patch makes sure that when the session is invalidated the variable that references it is also set to null. Change-Id: I88dcd37f80eb1fa85aa0441c3cbdfed18e84d5f3 Bug-Url: https://bugzilla.redhat.com/1091371 Signed-off-by: Juan Hernandez <juan.hernandez@redhat.com> --- M backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java 1 file changed, 2 insertions(+), 0 deletions(-) Approvals: Juan Hernandez: Verified; Looks good to me, approved Oved Ourfali: Looks good to me, but someone else must approve -- To view, visit http://gerrit.ovirt.org/27072 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I88dcd37f80eb1fa85aa0441c3cbdfed18e84d5f3 Gerrit-PatchSet: 3 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <juan.hernandez@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernandez@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourfali@redhat.com> Gerrit-Reviewer: Vojtech Szocs <vszocs@redhat.com> Gerrit-Reviewer: automation@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server