Bug #45611

Destruction of session after logout should be configurable

Added by Benno Weinzierl over 8 years ago.

Status:
New
Priority:
Could have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2013-02-19
Due date:
% Done:

0%

Estimated time:
PHP Version:
Has patch:
No
Complexity:

Description

After logout the session is destroyed.

In the AuthenticationProviderManager:

if ($this->session->isStarted()) {
    $this->session->destroy('Logout through AuthenticationProviderManager');
}

There should be a way to deactivate this by configuration because in some cases one want to keep information in the session regardles of the login-state.

No data to display

Also available in: Atom PDF