Bug #78739: Internal user data is not updated when session id is regenerated - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #78739

closed

Internal user data is not updated when session id is regenerated

Added by Helmut Hummel about 8 years ago. Updated about 6 years ago.

Status:

Closed

Priority:

Must have

Assignee:

Category:

Target version:

Start date:

2016-11-18

Due date:

% Done:

100%

Estimated time:

TYPO3 Version:

6.2

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

AbstractUserAuthentication stores a copy of the session id (don't ask me why).
When regenerating the session id we need to update this storage as well.

This error was the reason for getting the invalid token message, after a re-login, when IP address changed.
After successful login the id is regenerated. Then the FormProtection framework save the form token to the session
with setAndSaveSessioData, which failed because this method tried to update the session data from the old id.

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Bug #78739

Internal user data is not updated when session id is regenerated

Updated by Helmut Hummel about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Gerrit Code Review about 8 years ago

Updated by Anonymous about 8 years ago

Updated by Benni Mack about 6 years ago