tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "deacon Marcus" <deacon_mar...@wwtech.pl>
Subject Sessions - bug in Tomcat 4.1.24
Date Wed, 11 Jun 2003 23:13:52 GMT
Hello,
It seems in Tomcat 4.1.24 HttpSession is already invalid when passed to
HttpSessionListener.sessionDestroyed(), which just does not make sense.
API Docs say: "public void sessionDestroyed(HttpSessionEvent se)
Notification that a session is about to be invalidated.", in my opinion
"about to be" means that the Session should be valid when this method is
called until it returns.

I think the problem lies within StandardSession.expire method:

It is:

    public void expire(boolean notify) {

        // Mark this session as "being expired" if needed
        if (expiring)
            return;
        expiring = true;
        setValid(false); // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<

        // Remove this session from our manager's active sessions
[...]
    }

While I believe (I'm about to test it in next few hours) it should be:

    public void expire(boolean notify) {

        // Mark this session as "being expired" if needed
        if (expiring)
            return;
        expiring = true;

        // Remove this session from our manager's active sessions
[...]
        // We have completed expire of this session
        setValid(false);   // <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
        expiring = false;
        if ((manager != null) && (manager instanceof ManagerBase)) {
            recycle();
        }

    }


Greetings, deacon Marcus


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message