You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Phil Steitz <ph...@steitz.com> on 2003/01/01 02:01:26 UTC
Re: cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/session ManagerBase.java
billbarker@apache.org wrote:
> billbarker 2002/12/30 19:45:48
>
> Modified: catalina/src/share/org/apache/catalina/session
> ManagerBase.java
> Log:
> Make certain that the jvmRoute is attached to the session before comparing for uniqueness.
>
> Submitted by: Glenn Olander glenn@greenoak.com
>
> Revision Changes Path
> 1.16 +15 -9 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/session/ManagerBase.java
>
> Index: ManagerBase.java
> ===================================================================
> RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/session/ManagerBase.java,v
> retrieving revision 1.15
> retrieving revision 1.16
> diff -u -r1.15 -r1.16
> --- ManagerBase.java 30 Dec 2002 02:36:26 -0000 1.15
> +++ ManagerBase.java 31 Dec 2002 03:45:48 -0000 1.16
> @@ -580,17 +580,23 @@
> session.setMaxInactiveInterval(this.maxInactiveInterval);
> String sessionId = generateSessionId();
>
> - synchronized (sessions) {
> - while (sessions.get(sessionId) != null) // Guarantee uniqueness
> - sessionId = generateSessionId();
> - }
> -
> String jvmRoute = getJvmRoute();
> // @todo Move appending of jvmRoute generateSessionId()???
> if (jvmRoute != null) {
> sessionId += '.' + jvmRoute;
> session.setId(sessionId);
> }
> + synchronized (sessions) {
> + while (sessions.get(sessionId) != null){ // Guarantee uniqueness
> + sessionId = generateSessionId();
> + // @todo Move appending of jvmRoute generateSessionId()???
> + if (jvmRoute != null) {
> + sessionId += '.' + jvmRoute;
> + session.setId(sessionId);
> + }
> + }
> + }
> +
> session.setId(sessionId);
>
> return (session);
>
>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
Seems to me that all but the last setID(sessionID) in the code above
should be removed. The session ID should not be set until a unique id
has been found. I have attached a patch against the current head
removing the lines to be deleted. Unless I am missing something, there
is no point in making these calls -- and from looking at what setID
does, there could be some undesirable side effects.
-Phil