You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bi...@apache.org on 2003/01/15 07:11:24 UTC
cvs commit: jakarta-tomcat/src/facade22/org/apache/tomcat/facade HttpSessionFacade.java Servlet22Interceptor.java
billbarker 2003/01/14 22:11:24
Modified: src/facade22/org/apache/tomcat/facade HttpSessionFacade.java
Servlet22Interceptor.java
Log:
Remember when the actual session has been invalidated.
It is possible for the realSession to become valid again because it is being used by somebody else. Thus we can't rely on the realSession on its own.
Also keep a copy of the sessionId so that we don't return somebody elses Id instead.
I'm going to some lengths here to avoid doing a String comparision for every access.
Hopefully the last fix for bug #15894
Reported By: Christian Wicke cwicke@ics.uci.edu
Revision Changes Path
1.20 +8 -2 jakarta-tomcat/src/facade22/org/apache/tomcat/facade/HttpSessionFacade.java
Index: HttpSessionFacade.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/HttpSessionFacade.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- HttpSessionFacade.java 10 Jan 2003 05:40:12 -0000 1.19
+++ HttpSessionFacade.java 15 Jan 2003 06:11:23 -0000 1.20
@@ -93,6 +93,9 @@
private static StringManager sm =
StringManager.getManager("org.apache.tomcat.resources");
ServerSession realSession;
+ // We need to keep the Id, since it may change in realSession.
+ private String sessionId;
+ private boolean isValid = false;
HttpSessionFacade() {
}
@@ -102,18 +105,21 @@
void setRealSession(ServerSession s) {
realSession=s;
realSession.setFacade( this );
+ sessionId = realSession.getId().toString();
+ isValid = true;
}
/** Package-level method - accessible only by core
*/
void recycle() {
+ isValid = false;
// realSession=null;
}
// -------------------- public facade --------------------
public String getId() {
- return realSession.getId().toString();
+ return sessionId;
}
/**
@@ -301,7 +307,7 @@
// duplicated code, private
private void checkValid() {
- if (!realSession.getTimeStamp().isValid()) {
+ if (! (realSession.getTimeStamp().isValid() && isValid )) {
throw new IllegalStateException
(sm.getString("standardSession.getAttributeNames.ise"));
}
1.22 +3 -0 jakarta-tomcat/src/facade22/org/apache/tomcat/facade/Servlet22Interceptor.java
Index: Servlet22Interceptor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/Servlet22Interceptor.java,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- Servlet22Interceptor.java 12 Oct 2002 06:01:28 -0000 1.21
+++ Servlet22Interceptor.java 15 Jan 2003 06:11:23 -0000 1.22
@@ -235,6 +235,9 @@
sess.removeAttribute( key );
}
}
+ if( httpSess != null && newState==ServerSession.STATE_EXPIRED ) {
+ ((HttpSessionFacade)httpSess).recycle();
+ }
}
return 0;
}
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>