-
Type: Bug Report
-
Status: Closed
-
Priority: Minor
-
Resolution: Fixed
-
Affects Version/s: 5.1.1-RC1
-
Fix Version/s: 5.1.2-B1
-
Component/s: Data Management
-
Labels:None
-
External issue URL:
-
Change Log Message:Removed initial session creation in Admin Console
-
External issue ID:930
-
Copy Issue Key:
-
Patch Instructions:
On Front-end In-Portal don't create empty session (records in UserSession and SessionData tables) until there is need to write something into it (e.g. user_id of logged-in user).
Why we don't have same type protection against too much unused sessions being created in admin console too.
For example I don't have ability to enable cookies and I'm just refreshing admin console login screen. New session will be created each time I do so.
Also, when I need to ask something from admin console via CURL request, then also session is created.