Bug 49476

Summary: Cannot expire selected session in Manager webapp
Product: Tomcat 7 Reporter: Konstantin Kolinko <knst.kolinko>
Component: ManagerAssignee: Tomcat Developers Mailing List <dev>
Severity: normal    
Priority: P2    
Version: trunk   
Target Milestone: ---   
Hardware: PC   
OS: Windows XP   

Description Konstantin Kolinko 2010-06-20 11:47:00 UTC
Running 7.0.0. Steps to reproduce:

1. Login to the Manager webapp.

2. In the "Sessions" column click on the number (1) in the "/manager" row.
The Sessions Administration page`[1] is opened.

3. In the sessions list put a checkmark next to any session and press Invalidate selected Sessions button.

Actual result: message:
FAIL: Nonce mismatch. Command "/sessions" was ignored.

and the page displays the list of webapps.
Expected result: Invalidating a session and redisplaying the sessions list.

[1] http://localhost:8080/manager/html/sessions?path=/manager

Suspected cause is that [1] is opened with a GET query that does not include the nonce in its URL.
Comment 1 Mark Thomas 2010-06-24 05:59:22 UTC
This has been fixed in trunk and will be included in 7.0.1 onwards.