LDEV-4400, LDEV-3315 Toggle session ID change for each LAMS module WildFly 10 changes session ID after authentication by default in order to…
Show more
LDEV-4400, LDEV-3315 Toggle session ID change for each LAMS moduleWildFly 10 changes session ID after authentication by default in orderto prevent session fixation attack. It breaks TestHarness, though. Inorder to run TH, session ID change needs to be turned off.Turning it off for Central is not enough as a request to any othermodule, like Tool, triggers session ID change. In this case we need tohave session ID change turned on or off in each LAMS module, not justCentral.
Show less
