Project

General

Profile

Actions

Bug #78739

closed

Internal user data is not updated when session id is regenerated

Added by Helmut Hummel about 8 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
-
Target version:
-
Start date:
2016-11-18
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

AbstractUserAuthentication stores a copy of the session id (don't ask me why).
When regenerating the session id we need to update this storage as well.

This error was the reason for getting the invalid token message, after a re-login, when IP address changed.
After successful login the id is regenerated. Then the FormProtection framework save the form token to the session
with setAndSaveSessioData, which failed because this method tried to update the session data from the old id.


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #69763: Re-login after expired backend session throws exceptionClosedNicole Cordes2015-09-13

Actions
Actions

Also available in: Atom PDF