1028843 – Documentation bug: the solution of security issue JBPAPP-3079 is wrong

Bug 1028843 - Documentation bug: the solution of security issue JBPAPP-3079 is wrong

Summary: Documentation bug: the solution of security issue JBPAPP-3079 is wrong

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	JBoss Enterprise Application Platform 5
Classification:	JBoss
Component:	doc-Release_Notes
Sub Component:
Version:	5.0.0
Hardware:	All
OS:	All
Priority:	unspecified
Severity:	low
Target Milestone:	---
Target Release:	---
Assignee:	Scott Mumford
QA Contact:	Russell Dickenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-11-11 03:21 UTC by Kenjiro Nakayama
Modified:	2014-03-13 01:13 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-03-13 01:13:24 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Kenjiro Nakayama 2013-11-11 03:21:33 UTC

Document URL: 

https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Release_Notes_5.0.1/index.html

Section Number and Name: 

7.  Issues fixed in this release 
Security Issues
JBPAPP-3079

Describe the issue: 
Doc says The Solution of flushing JBoss Authentication Cache is to uncomment the filter in Tomcat's web.xml, but filter must be added. 
The following KCS is right.

Why does flushOnSessionInvalidation not flush the JAAS cache when sessions timeout on JBoss?
https://access.redhat.com/site/solutions/169873

Suggestions for improvement: 

<current>
You must uncolmment this filter in Tomcat's web.xml to use this feature. 

<TOBE>
You must uncolmment add the filter in server/$PROFILE/deployers/jbossweb.deployer/web.xml to use this feature.

Note You need to log in before you can comment on or make changes to this bug.