You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/10/25 00:39:32 UTC
DO NOT REPLY [Bug 13954] New: -
invalid session passed in HttpBindingEvent on valueUnbound
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13954>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13954
invalid session passed in HttpBindingEvent on valueUnbound
Summary: invalid session passed in HttpBindingEvent on
valueUnbound
Product: Tomcat 4
Version: 4.0.4 Final
Platform: PC
OS/Version: Windows NT/2K
Status: NEW
Severity: Normal
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: plittle@vergecorp.com
When a timeout occurs, the HttpSession passed into valueUnbound() via the
HttpBindingEvent contains an already invalidated HttpSession. Since there is
no lifecycle of an HttpSession defined in the servlet spec, I an guessing this
is open to implementor's to decide. I would *expect* all listeners to have
their valueUnbound() methods called before the session they were attached to is
actually invalidated by the Web Container.
A stacktrace below shows the timeline of events:
--------------------------------------------------
(D)-255- | Thu Oct 24 14:36:52 MDT 2002 | OnlineMonitor | valueUnbound |
36838.1035489988143 | Entering
java.lang.Exception: getAttribute: Session already invalidated
at com.vergecorp.util.Log.error(Log.java:445)
at net.ejip.monitor.online.OnlineMonitor.valueUnbound
(OnlineMonitor.java:69)
at org.apache.catalina.session.StandardSession.removeAttribute
(StandardSession.java:1073)
at org.apache.catalina.session.StandardSession.expire
(StandardSession.java:596)
at org.apache.catalina.session.StandardManager.processExpires
(StandardManager.java:755)
at org.apache.catalina.session.StandardManager.run
(StandardManager.java:832)
at java.lang.Thread.run(Thread.java:536)
(E) | Thu Oct 24 14:36:52 MDT 2002 | OnlineMonitor | valueUnbound |
36838.1035489988143 | getAttribute: Session already invalidated
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
StandardSession.expire() code has the setValid(true) method called too
early!!!! It should really be called after all of the valueUnbound() methods
are called. For instance, right before the expiring=false is set near the
bottom of the method.
/**
* Perform the internal processing required to invalidate this session,
* without triggering an exception if the session has already expired.
*/
public void expire() {
// Mark this session as "being expired" if needed
if (expiring)
return;
expiring = true;
setValid(false);
// Remove this session from our manager's active sessions
if (manager != null)
manager.remove(this);
// Unbind any objects associated with this session
String keys[] = keys();
for (int i = 0; i < keys.length; i++)
removeAttribute(keys[i]);
// Notify interested session event listeners
fireSessionEvent(Session.SESSION_DESTROYED_EVENT, null);
// Notify interested application event listeners
// FIXME - Assumes we call listeners in reverse order
StandardContext context = (StandardContext) manager.getContainer();
Object listeners[] = context.getApplicationListeners();
if (listeners != null) {
HttpSessionEvent event =
new HttpSessionEvent(getSession());
for (int i = 0; i < listeners.length; i++) {
int j = (listeners.length - 1) - i;
if (!(listeners[j] instanceof HttpSessionListener))
continue;
HttpSessionListener listener =
(HttpSessionListener) listeners[j];
try {
context.fireContainerEvent("beforeSessionDestroyed",
listener);
listener.sessionDestroyed(event);
context.fireContainerEvent("afterSessionDestroyed",
listener);
} catch (Throwable t) {
context.fireContainerEvent("afterSessionDestroyed",
listener);
// FIXME - should we do anything besides log these?
log(sm.getString("standardSession.sessionEvent"), t);
}
}
}
// We have completed expire of this session
expiring = false;
if ((manager != null) && (manager instanceof ManagerBase)) {
recycle();
}
}
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>