struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4741) Http Sessions forcefully created for all requests using I18nInterceptor with default Storage value.
Date Wed, 31 Jan 2018 13:19:01 GMT

    [ https://issues.apache.org/jira/browse/WW-4741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16346797#comment-16346797
] 

ASF subversion and git services commented on WW-4741:
-----------------------------------------------------

Commit 20a7b6503ff58a3e1e8bdabc07dd61cf36254cca in struts's branch refs/heads/master from
[~yasser.zamani]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=20a7b65 ]

Merge pull request #207 from lukaszlenart/sessionless

WW-4741: Do not create session

> Http Sessions forcefully created for all requests using I18nInterceptor with default
Storage value.
> ---------------------------------------------------------------------------------------------------
>
>                 Key: WW-4741
>                 URL: https://issues.apache.org/jira/browse/WW-4741
>             Project: Struts 2
>          Issue Type: Bug
>    Affects Versions: 2.5.10
>            Reporter: Adam Greenfield
>            Assignee: Lukasz Lenart
>            Priority: Major
>             Fix For: 2.5.15
>
>
> Changes made in WW-4730 for store and read functions cause an httpSession to be created
for every request that uses I18nInterceptor when storage = Storage.SESSION.
> Current code checks for 
> {noformat}Map<String, Object> session = invocation.getInvocationContext().getSession(){noformat}
> to be null and then calls 
> {noformat}ServletActionContext.getRequest().getSession(){noformat}
> (notice how the second one references the HttpServletRequest.  The HttpServletRequest
Session and and the InvocationContext session are different.  The request's session can be
null, even if the InvocationContext's session is not). 
> Calling .getSession() in this manner forcefully creates a session.
>  An appropriate check here might be 
> {noformat}HttpSession httpSession = ServletActionContext.getRequest().getSession(false);

> if(httpSession != null) {
> ... // get sessionId and synchronize on it
> }
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message