struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4741) Http Sessions forcefully created for all requests using I18nInterceptor with default Storage value.
Date Wed, 31 Jan 2018 13:19:00 GMT

    [ https://issues.apache.org/jira/browse/WW-4741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16346793#comment-16346793
] 

ASF subversion and git services commented on WW-4741:
-----------------------------------------------------

Commit e9a4bcd776e82afb135091f7ad48ada90bf5d2e6 in struts's branch refs/heads/master from
[~lukaszlenart]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=e9a4bcd ]

WW-4741 Does not create session if it doesn't exist


> Http Sessions forcefully created for all requests using I18nInterceptor with default
Storage value.
> ---------------------------------------------------------------------------------------------------
>
>                 Key: WW-4741
>                 URL: https://issues.apache.org/jira/browse/WW-4741
>             Project: Struts 2
>          Issue Type: Bug
>    Affects Versions: 2.5.10
>            Reporter: Adam Greenfield
>            Assignee: Lukasz Lenart
>            Priority: Major
>             Fix For: 2.5.15
>
>
> Changes made in WW-4730 for store and read functions cause an httpSession to be created
for every request that uses I18nInterceptor when storage = Storage.SESSION.
> Current code checks for 
> {noformat}Map<String, Object> session = invocation.getInvocationContext().getSession(){noformat}
> to be null and then calls 
> {noformat}ServletActionContext.getRequest().getSession(){noformat}
> (notice how the second one references the HttpServletRequest.  The HttpServletRequest
Session and and the InvocationContext session are different.  The request's session can be
null, even if the InvocationContext's session is not). 
> Calling .getSession() in this manner forcefully creates a session.
>  An appropriate check here might be 
> {noformat}HttpSession httpSession = ServletActionContext.getRequest().getSession(false);

> if(httpSession != null) {
> ... // get sessionId and synchronize on it
> }
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message