Return-Path: X-Original-To: apmail-struts-issues-archive@minotaur.apache.org Delivered-To: apmail-struts-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 99CC017B01 for ; Wed, 1 Oct 2014 05:50:34 +0000 (UTC) Received: (qmail 60328 invoked by uid 500); 1 Oct 2014 05:50:34 -0000 Delivered-To: apmail-struts-issues-archive@struts.apache.org Received: (qmail 60291 invoked by uid 500); 1 Oct 2014 05:50:34 -0000 Mailing-List: contact issues-help@struts.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@struts.apache.org Delivered-To: mailing list issues@struts.apache.org Received: (qmail 60279 invoked by uid 99); 1 Oct 2014 05:50:34 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Oct 2014 05:50:34 +0000 Date: Wed, 1 Oct 2014 05:50:34 +0000 (UTC) From: "Lukasz Lenart (JIRA)" To: issues@struts.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (WW-4409) Modify the TokenInterceptor not to lock the session object while handling and invalid token MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/WW-4409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lukasz Lenart updated WW-4409: ------------------------------ Fix Version/s: 2.3.x > Modify the TokenInterceptor not to lock the session object while handling and invalid token > ------------------------------------------------------------------------------------------- > > Key: WW-4409 > URL: https://issues.apache.org/jira/browse/WW-4409 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors > Affects Versions: 2.3.18 > Reporter: Rob Baily > Priority: Minor > Fix For: 2.3.x > > Attachments: tokeninterceptor.patch > > > Similar to WW-3582. Currently in the TokenInterceptor class in the handleToken method there is a lock on the session object and the handleInvalidToken method is called within that block. In our environment we overrode the handleInvalidToken and it turned out that when this method ran long that any other requests for the user were immediately blocked and the threads were locked up and unable process any further requests. > I would like to see if we can change the handleToken method not to lock the session when calling the method to handle an invalid token. I realize that ours may not be an ideal implementation and the base implementation should be fast but it does seem like the time an object is locked should be minimized. I don't know if there is a reason that the invalid method would need to be in that block. > I am including a patch for the change on this. It does not affect the tests and I do not know if there is a good way to add a test that would check the locking. -- This message was sent by Atlassian JIRA (v6.3.4#6332)