You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by pe...@apache.org on 2006/03/04 15:45:50 UTC

svn commit: r383120 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java

Author: pero
Date: Sat Mar  4 06:45:50 2006
New Revision: 383120

URL: http://svn.apache.org/viewcvs?rev=383120&view=rev
Log:
remove also ISE from getLastAccessTime to support SingleSignOn.

Modified:
    tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java

Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java
URL: http://svn.apache.org/viewcvs/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java?rev=383120&r1=383119&r2=383120&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java Sat Mar  4 06:45:50 2006
@@ -421,13 +421,7 @@
      * a value associated with the session, do not affect the access time.
      */
     public long getLastAccessedTime() {
-
-         if ( !isValid() ) {
-             throw new IllegalStateException
-                 (sm.getString("standardSession.getLastAccessedTime.ise"));
-         }
-         return (this.lastAccessedTime);
-
+        return (this.lastAccessedTime);
     }
 
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: svn commit: r383120 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java

Posted by Remy Maucherat <re...@apache.org>.

Peter Rossbach wrote:
> Oops...
> 
> But currently the SSO not work and also we must revert the patch at 
> DeltaSession.
> 
> Other idea is we  can move expiring flag after removeAttribuiteInternal()
> 
> StandardSession
> -- expire(boolean)
> 
>            // Unbind any objects associated with this session
>             String keys[] = keys();
>             for (int i = 0; i < keys.length; i++)
>                 removeAttributeInternal(keys[i], notify, false);
> 
>             // We have completed expire of this session
>             expiring = false;

It's also non spec compliant.

> Sorry, but some people ask me that SSO not work anymore.

Is it a regression ? I think it would be good to fix it, but using this 
method will not work.

Rémy

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: svn commit: r383120 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java

Posted by Peter Rossbach <pr...@objektpark.de>.

Oops...

Am 04.03.2006 um 16:54 schrieb Remy Maucherat:

> pero@apache.org wrote:
>> Author: pero
>> Date: Sat Mar  4 06:45:50 2006
>> New Revision: 383120
>> URL: http://svn.apache.org/viewcvs?rev=383120&view=rev
>> Log:
>> remove also ISE from getLastAccessTime to support SingleSignOn.
>
> Although this is blatantly not spec compliant (so, -1 for your  
> change), I undertsand this specification violation :)
>
> You should have reported it earlier, and I would have mentioned it  
> to the Servlet expert group along with the getId issue. The reason  
> for my -1 is that this behavior has been like this forever, so  
> there's no reason to change our minds all of a sudden without at  
> least a way to revert the specification compliant mechanism. I may  
> remove my -1 after hearing other's opinion, and adding such a  
> mechanism.
>
> For stuff which could be tested by TCK assertions, but which do not  
> make sense in production for whatever reason, and could not be  
> changed through the JCP (because of no expert group consensus, or  
> just spec lifecycle issues), I propose adding a new system property  
> like (javax.servlet.strict=true/false, with the default being  
> false), and a matching static final field in Globals. This change  
> to getLastAccessTime  should most likely use the field.
>
+1 for that...

But currently the SSO not work and also we must revert the patch at  
DeltaSession.


Other idea is we  can move expiring flag after  
removeAttribuiteInternal()

StandardSession
-- expire(boolean)

            // Unbind any objects associated with this session
             String keys[] = keys();
             for (int i = 0; i < keys.length; i++)
                 removeAttributeInternal(keys[i], notify, false);

             // We have completed expire of this session
             expiring = false;


Sorry, but some people ask me that SSO not work anymore.

Peter

> Rémy
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: svn commit: r383120 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java

Posted by Remy Maucherat <re...@apache.org>.

pero@apache.org wrote:
> Author: pero
> Date: Sat Mar  4 06:45:50 2006
> New Revision: 383120
> 
> URL: http://svn.apache.org/viewcvs?rev=383120&view=rev
> Log:
> remove also ISE from getLastAccessTime to support SingleSignOn.

Although this is blatantly not spec compliant (so, -1 for your change), 
I undertsand this specification violation :)

You should have reported it earlier, and I would have mentioned it to 
the Servlet expert group along with the getId issue. The reason for my 
-1 is that this behavior has been like this forever, so there's no 
reason to change our minds all of a sudden without at least a way to 
revert the specification compliant mechanism. I may remove my -1 after 
hearing other's opinion, and adding such a mechanism.

For stuff which could be tested by TCK assertions, but which do not make 
sense in production for whatever reason, and could not be changed 
through the JCP (because of no expert group consensus, or just spec 
lifecycle issues), I propose adding a new system property like 
(javax.servlet.strict=true/false, with the default being false), and a 
matching static final field in Globals. This change to getLastAccessTime 
  should most likely use the field.

Rémy

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org