Viewing Issue Simple Details |
ID |
Category |
Type |
Reproducibility |
Date Submitted |
Last Update |
0000930 |
[In-Portal CMS] Data Management |
task |
always |
2010-11-19 06:14 |
2011-03-30 09:53 |
|
Reporter |
alex |
View Status |
public |
|
Assigned To |
alex |
Priority |
normal |
Resolution |
fixed |
|
Status |
closed |
|
|
|
|
Summary |
0000930: Don't create session in admin console, until admin has logged-in |
Description |
On Front-end In-Portal don't create empty session (records in UserSession and SessionData tables) until there is need to write something into it (e.g. user_id of logged-in user).
Why we don't have same type protection against too much unused sessions being created in admin console too.
For example I don't have ability to enable cookies and I'm just refreshing admin console login screen. New session will be created each time I do so.
Also, when I need to ask something from admin console via CURL request, then also session is created. |
Additional Information |
|