[NEXUS-7877] prevent nexus from sending rememberMe=deleteme cookie - Sonatype JIRA

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.11.1
Fix Version/s: 2.11.2
Component/s: Transport
Labels:
None

Sprint:
Sprint 34

Description

Nexus 2.x does not use Shiro RememberMe services, yet Nexus 2.x still sends a cookie back to the client for most requests:

Set-Cookie: rememberMe=deleteme etc.

This cookie header should be killed - it is pointless.

NX3 does use remember me services, so this exact bug does not apply there.

Attachments

Activity

People

Assignee:: Peter Lynch

Reporter:: Peter Lynch

Last Updated By:: Peter Lynch

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 01/06/15 06:39 PM

Updated:: 08/15/16 10:27 PM

Resolved:: 01/19/15 08:34 PM

tigCommentSecurity.panel-title