Bug 59145

Summary: Incorrect warning logging on invalidate session when using SingleSignOn valve
Product: Tomcat 7 Reporter: Coen Wouters <coen.wouters>
Component: ManagerAssignee: Tomcat Developers Mailing List <dev>
Severity: normal    
Priority: P2    
Version: 7.0.68   
Target Milestone: ---   
Hardware: PC   
OS: All   
Attachments: Zip file containing java and xml sources

Description Coen Wouters 2016-03-08 11:36:14 UTC
Created attachment 33650 [details]
Zip file containing java and xml sources

I have created a simple Servlet which is configured to use the SingleSignOn valve in combination with BASIC authentication.

When the servlet invalidates the session it results in a warning:

Mar 08, 2016 12:20:06 PM org.apache.catalina.authenticator.SingleSignOn expire
WARNING: SSO unable to expire session [Host: [localhost], Context: [/webproject], SessionID: [B2F3A538F5971CA3FC1EEE38CC2FFE95]] because the Session could not be found

The problem can also be reproduced on Tomcat 8.0.32
Comment 1 Mark Thomas 2016-03-08 20:31:30 UTC

*** This bug has been marked as a duplicate of bug 59043 ***
Comment 2 Coen Wouters 2016-03-10 10:44:01 UTC
(In reply to Mark Thomas from comment #1)
> *** This bug has been marked as a duplicate of bug 59043 ***

Tried with latest sources of tomcat 7 trunk from http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/ and the problem can still be reproduced
Comment 3 Mark Thomas 2016-03-10 15:13:14 UTC
Thanks for the report and checking whether this was still an issue.

Fixed in 9.0.x (for 9.0.0.M4 onwards), 8.0.x (8.0.33 onwards) and 7.0.x (7.0.69 onwards).