Revision 5505
Added by ben leinfelder over 13 years ago
| src/edu/ucsb/nceas/metacat/service/SessionService.java | ||
|---|---|---|
| 166 | 166 |
if (sessionId == null) {
|
| 167 | 167 |
logMetacat.error("SessionService.unRegisterSession - trying to " +
|
| 168 | 168 |
"unregister a session with null id"); |
| 169 |
return; |
|
| 169 | 170 |
} |
| 171 |
if (sessionId.equals(PUBLIC_SESSION_ID)) {
|
|
| 172 |
logMetacat.error("SessionService.unRegisterSession - cannot unregister public session, " +
|
|
| 173 |
"sessionId=" + sessionId); |
|
| 174 |
return; |
|
| 175 |
} |
|
| 170 | 176 |
|
| 171 | 177 |
logMetacat.info("SessionService.unRegisterSession - unRegistering session: " + sessionId);
|
| 172 | 178 |
sessionHash.remove(sessionId); |
Also available in: Unified diff
[merged from 1.9.3 branch] security fix: never unregister the "public" user session