Bug 1028843 - Documentation bug: the solution of security issue JBPAPP-3079 is wrong
Documentation bug: the solution of security issue JBPAPP-3079 is wrong
Status: CLOSED WONTFIX
Product: JBoss Enterprise Application Platform 5
Classification: JBoss
Component: doc-Release_Notes (Show other bugs)
5.0.0
All All
unspecified Severity low
: ---
: ---
Assigned To: Scott Mumford
Russell Dickenson
: Documentation, EasyFix, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-11-10 22:21 EST by Kenjiro Nakayama
Modified: 2014-03-12 21:13 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-03-12 21:13:24 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kenjiro Nakayama 2013-11-10 22:21:33 EST
Document URL: 

https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Release_Notes_5.0.1/index.html

Section Number and Name: 

7.  Issues fixed in this release 
Security Issues
JBPAPP-3079

Describe the issue: 
Doc says The Solution of flushing JBoss Authentication Cache is to uncomment the filter in Tomcat's web.xml, but filter must be added. 
The following KCS is right.

Why does flushOnSessionInvalidation not flush the JAAS cache when sessions timeout on JBoss?
https://access.redhat.com/site/solutions/169873

Suggestions for improvement: 

<current>
You must uncolmment this filter in Tomcat's web.xml to use this feature. 

<TOBE>
You must uncolmment add the filter in server/$PROFILE/deployers/jbossweb.deployer/web.xml to use this feature.

Note You need to log in before you can comment on or make changes to this bug.