You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by john lee <sh...@yahoo.com> on 2009/12/12 18:09:54 UTC
struts bug? session object bug? pls help
I have the same serious problem that is similar to an old thread
http://marc.info/?l=struts-user&m=121234554714110&w=2
I use session object to manage user data for my company's e-commerce site, from time to time,specially when have high web access traffic, the session data could overlap, and from different user object. It is very frustrated, because it not happen always, but once a while, but serious problem, i do not know it is bug for strusts or not.
public ActionForward execute(ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response
) throws Exception
{
HttpSession session=request.getSession();
UserInfoForm uif, t_uif;
Boolean check_cookie=false;
String login=null;
if (session==null) {
session=request.getSession(true);
check_cookie=true;
}
else {
uif=(UserInfoForm) session.getAttribute(BeanNames.USERINFO);
if (uif==null || uif.getLogin_id()==null ||uif.getLogin_id().equals("Visit") )
check_cookie=true;
}
if (check_cookie) {
t_uif=new UserInfoForm();
uif.setLogin_id("Visit");
session.setAttribute(BeanNames.USERINFO,uif);
Cookie theCookie=null;uif.setLogin_id("Visit");
Cookie cookieList[]=request.getCookies();
if (cookieList!=null) {
for (int i=0; i<cookieList.length;i++) {
theCookie=cookieList[i];
if ( theCookie.getName().equals("XXX") ) /* XXX=company name */
login=theCookie.getValue();
}
if (login==null)
t_uif=null;
else
t_uif=security_service.ask(login); /* to access db, to verify user info ...*/
if (t_uif==null)
t_uif.setLogin_id("Visit");
session.setAttribute(BeanNames.USERINFO,t_uif);
}
}
uif=(UserInfoForm) session.getAttribute(BeanNames.USERINFO);
....
average once a month or when have heavy web traffic, the 'USERINFO' session object could be overlap with wrong customer info.
please give me any clue, tks in advance
john