You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by lu...@apache.org on 2005/01/11 21:39:52 UTC
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core ApplicationHttpRequest.java
luehe 2005/01/11 12:39:52
Modified: catalina/src/share/org/apache/catalina/core
ApplicationHttpRequest.java
Log:
Fix for 32832 ("request.getSession(false) fails to return null").
I believe this bug has been valid: If the session in the foreign
context has been invalidated, it must not be returned. A comment in
the code actually stated that the current session be returned "if it
exists and is valid", but the isValid() check on the session was
missing, and is being added by this commit.
Also, a session is now created in the foreign context only if 'create' is TRUE.
Revision Changes Path
1.23 +9 -6 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java
Index: ApplicationHttpRequest.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- ApplicationHttpRequest.java 8 Dec 2004 01:25:52 -0000 1.22
+++ ApplicationHttpRequest.java 11 Jan 2005 20:39:52 -0000 1.23
@@ -482,8 +482,9 @@
return (null);
// Return the current session if it exists and is valid
- if (session != null)
+ if (session != null && session.isValid()) {
return (session.getSession());
+ }
HttpSession other = super.getSession(false);
if (create && (other == null)) {
@@ -500,7 +501,7 @@
} catch (IOException e) {
// Ignore
}
- if (localSession == null) {
+ if (localSession == null && create) {
localSession = context.getManager().createEmptySession();
localSession.setNew(true);
localSession.setValid(true);
@@ -509,9 +510,11 @@
(context.getManager().getMaxInactiveInterval());
localSession.setId(other.getId());
}
- localSession.access();
- session = localSession;
- return session.getSession();
+ if (localSession != null) {
+ localSession.access();
+ session = localSession;
+ return session.getSession();
+ }
}
return null;
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org