Details
-
Improvement
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
None
Description
To make the CmsSecurityValve more robust, and make sure that the HttpSession binded jcr session cannot be out-of-sync (which we seemed to have in a clustered environment with concurrent copying hst config for same subsite), we need to logout the JCR session at the end, and login + refresh at the beginning (refresh just to make sure all latest changes from the repo has been synced in clustered env)