I'm migrating a big app from jboss as to wildfly 9, and I think I may have found a bug.
I have a logout method, this method invalidates the session, remove all cookies and redirect to /.
I also have a filter that checks for a cookie with the api token and authenticates the user if the cookie is present.
In jboss, it worked. I log out, the cookies are all removed, I go to /, filter run, there are no cookies, I see the login page.
In wildfly, the cookies continue to exist, so I'm logged in again.
Any tips on that? Is there anything I could change?
The code that removes the cookies is:
Cookie[] cookies = request.getCookies(); for (int i = 0; i < cookies.length; i++) { cookies[i].setValue( null ); cookies[i].setPath( "/" ); cookies[i].setMaxAge( 0 ); response.addCookie( cookies[i] ); } request.logout(); request.getSession().invalidate();
Am I doing anything wrong?
Are there any changes on Undertow on how it works related to jboss web?