Juan Hernandez has submitted this change and it was merged.
Change subject: restapi: Forget HTTP session after invalidate
......................................................................
restapi: Forget HTTP session after invalidate
Currently when the RESTAPI receives a request that contains a valid
session identifier, but that doesn't require persistent authentication
we invalidate the session. This is correct, but we also try to use that
invalidated session later, which generates exceptions. To avoid that
this patch makes sure that when the session is invalidated the variable
that references it is also set to null.
Change-Id: I88dcd37f80eb1fa85aa0441c3cbdfed18e84d5f3
Bug-Url:
https://bugzilla.redhat.com/1091371
Signed-off-by: Juan Hernandez <juan.hernandez(a)redhat.com>
---
M
backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
1 file changed, 2 insertions(+), 0 deletions(-)
Approvals:
Juan Hernandez: Verified; Looks good to me, approved
Oved Ourfali: Looks good to me, but someone else must approve
--
To view, visit
http://gerrit.ovirt.org/27072
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I88dcd37f80eb1fa85aa0441c3cbdfed18e84d5f3
Gerrit-PatchSet: 3
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourfali(a)redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vszocs(a)redhat.com>
Gerrit-Reviewer: automation(a)ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server