-
Type: Bug Report
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: 5.0.2-B1
-
Fix Version/s: 5.0.2-B1
-
Component/s: Permissions
-
Labels:None
-
External issue URL:
-
External issue ID:423
-
Copy Issue Key:
-
Patch Instructions:
Session expiration doesn't happen after patch from #0000359 (Two different urls will lead to same physical template on Front-End) was applied. It made "expired" parameter (set in u:OnSessionExpire event) passed to index.tpl and not available on "login.tpl", where it's used.
Besides, when I try to force admin session expiration by decrementing UserSession.LastAccessed field value I've got fatal error about non-unique record being inserted into UserSession table and not nice redirect to login screen. This happens in debug mode. When in non-debug mode, then maybe this error will be ignored and redirect will be made.
No info about Front-End. Maybe we have same story there.