You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Michael Heinen (JIRA)" <de...@myfaces.apache.org> on 2012/08/31 16:00:18 UTC
[jira] [Commented] (MYFACES-3598) ViewExpiredException during
logout after the 3rd login
[ https://issues.apache.org/jira/browse/MYFACES-3598?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13445942#comment-13445942 ]
Michael Heinen commented on MYFACES-3598:
-----------------------------------------
I assume the bug is inside
ServerSideStateCacheImpl.add(FacesContext context, Object state, Integer nextSequence,SerializedViewKey previousRestoredKey)
Click Flow:
1) call index.xhtml
sequence 1 is created
SerializedViewKey = 1, /index.xhtml
previousRestoredKey=null
2) 1st login
sequence increased to 2
login action executed
SerializedViewKey = 2, /drin.xhtml
previousRestoredKey = 1, /index.xhtml
3) 1st logout
sequence increased to 3
logout action --> session is invalidated
SerializedViewKey = 3, /index.xhtml
previousRestoredKey = 2, /drin.xhtml
4) 2nd login
sequence 1 is created
login action executed
SerializedViewKey = 1, /drin.xhtml
previousRestoredKey is SerializedViewKey = 3, /index.xhtml
5) 2nd logout
sequence increased to 2
logout action --> session is invalidated
SerializedViewKey = 2, /index.xhtml
previousRestoredKey is SerializedViewKey = 1, /drin.xhtml
6) 3rd login
sequence 1 is created
login action executed
SerializedViewKey = 1, /drin.xhtml
previousRestoredKey is SerializedViewKey = 2, /index.xhtml
Now the old SerializedViewKeys are removed and unfortunately the new SerializedViewKey equals a previous SerializedViewKey from a previous session!
keyToRemove
2, /index.xhtml is removed
1, /drin.xhtml MUST not be removed
A potential fix could be to check whether !keyToRemove.equals(key) at the beginning of the do while loop:
do
{
if (keyToRemove!=null && !keyToRemove.equals(key))//NEW ***
{
while (_keys.remove(keyToRemove))
{
// do nothing
}
...
}
keyToRemove = _precedence.remove(keyToRemove);
} while(keyToRemove != null);
> ViewExpiredException during logout after the 3rd login
> ------------------------------------------------------
>
> Key: MYFACES-3598
> URL: https://issues.apache.org/jira/browse/MYFACES-3598
> Project: MyFaces Core
> Issue Type: Bug
> Components: General
> Affects Versions: 2.1.8
> Environment: Tomcat 6.0.35 / 7.0.29
> Reporter: Michael Heinen
> Attachments: viewExpired.war
>
>
> We have a simple webApp with 2 views.
> The first view (login screen) contains a non ajax button which navigates to the second view.
> The second view contains a non ajax button (logout) which invalidates the web session and navigates back to the first view.
> A ViewExpiredException occurs with myfaces if these steps are executed exactly 3 times (logn followed by logoutand logout action)
> The ViewExpiredException occurs in restore view during the 3rd logut action.
> The ViewExpiredException does not occur if the web session is not invalidated in the logout action!
> Config:
> javax.faces.STATE_SAVING_METHOD=server
> javax.faces.PARTIAL_STATE_SAVING=false
> org.apache.myfaces.NUMBER_OF_VIEWS_IN_SESSION = 2
> org.apache.myfaces.NUMBER_OF_SEQUENTIAL_VIEWS_IN_SESSION = 2
>
> The ViewExpiredException does not occur with mojarra 2.1.12 with
> com.sun.faces.numberOfViewsInSession and com.sun.faces.numberOfLogicalViews both set to 2.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira