Announcement

Collapse
No announcement yet.
X
  • Filter
  • Time
Clear All
new posts

    Grid expansion creates lots of sessions with Spring Security 3.x

    Hi,

    i was testing the Spring Security authentication, so played around with tomcat(manually invalidate sessions). when i expand a ListGrid,

    1. if i m logged in, the row will be expanded and only one session exists

    2. if i kill the current session first, and then expand the ListGrid row, i get login prompt dialog, at this moment it creates around 10 sessions, sometimes 10, sometimes 13, arbitrary number. i looked at one of the sessions, there's one attribute SPRING_SECURITY_SAVED_REQUEST_KEY with value:
    Code:
    DefaultSavedRequest[http://localhost:8088/Transact/transact/sc/IDACall?isc_rpc=1&isc_v=SC_SNAPSHOT-2010-08-03&isc_xhr=1&isc_tnum=47]
    is this normal? or my Spring setting is not correct?

    #2
    Spring security is not set up correctly. This has nothing to do with grids - the situation you're in appears to be that every new HTTP request is ending up with a different session. Maybe you just haven't enabled session tracking via cookies, which is the typical approach.

    Comment


      #3
      Thanks. I followed the thread 're-login using Spring Security3', didn't change anything big. the problem happens occasionally but most of the times ok. i'll have a look at the session tracking via cookies, thanks for the help.

      Comment

      Working...
      X