You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When spring-session is used and HttpServletRequest#changeSessionId() is called previously obtained HTTP session instance is no longer usable.
For example following code works fine on tomcat, jetty and undertow, but doesn't when spring-session is used
HttpSessionsession = req.getSession();
req.changeSessionId();
session.setAttribute("attr", "value");
// ...// expect attrValue to be "value" ObjectattrValue = req.getSession().getAttribute("attr");
The text was updated successfully, but these errors were encountered:
Thanks for the report! This was indeed an issue. I have fixed this in master and it will be available in the 1.0.2 release.
While I did test this myself, I'd appreciate you trying out the latest SNAPSHOT and ensuring that it resolved your issue. You can obtain the spring-session-1.0.2.BUILD-SNAPSHOT.jar from our maven repository:
rwinch
changed the title
obtained session instance is unusable after HttpServletRequest#changeSessionId() is called.
Updates to previous HttpSession references are not reflected after changeSessionId() invoked
Jul 27, 2015
When
spring-session
is used andHttpServletRequest#changeSessionId()
is called previously obtained HTTP session instance is no longer usable.For example following code works fine on tomcat, jetty and undertow, but doesn't when
spring-session
is usedThe text was updated successfully, but these errors were encountered: