Bug
Login cookie lingers if not login cancelled
Issue description
When a resource A is accessed which needs authentication, the server creates a session id and stores A, then redirects to the login form. The session id persists even if the user does not login. This should be changed. On any request that is not login related, the session should be destroyed.
|
Work sessions2
Start |
2017-06-08T14:41:41
|
End |
2017-06-08T15:18:04
|
Participant |
Robert Cerny
|
Start |
2017-06-14T08:14:34
|
End |
2017-06-14T09:14:15
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.