tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kief Morris <>
Subject Re: Session-expiry bug? getLastAccessedTime
Date Sat, 10 Feb 2001 12:30:32 GMT
Murthy Gorty typed the following on 09:59 AM 2/9/2001 -0800
>I noticed a problem with session timeouts in Tomcat3.2.1
>The background thread that recycles sessions based on timeouts uses 
>The session object itself has two variables
>lastAccessedTime and thisAccessedTime.
>    public long getLastAccessedTime() 
>    {
>	return (this.lastAccessedTime);
>    }
>lastAccessedTime is the time a request is made BEFORE the present request.
>So, getLastAccessedTime is the time of the (last-1)request 
>and not the last request.
>Isnt this a bug? shouldnt getLastAccessedTime return

I haven't looked at this code in detail, but my thoughts on this are:
getLastAccessedTime() needs to return the (last - 1) during a request,
or it won't behave correctly for servlet code. After a request is finished, 
lastAccessedTime should be updated to = thisAccessTime, so 
getLastAccessedTime() will return the time of the last request when
checked by the expiration code. Is this not the case?


View raw message