You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/02/06 12:25:26 UTC

DO NOT REPLY [Bug 26715] New: - Sessions that have been persisted during a server restart never time out.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26715>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26715

Sessions that have been persisted during a server restart never time out.

           Summary: Sessions that have been persisted during a server
                    restart never time out.
           Product: Tomcat 5
           Version: 5.0.18
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: strunk@signal7.de


This can easily be reproduced.
1. create a session via request.getSession(true).
2. restart the server so the session will be persisted and loaded again.
3. wait until the session has timed out according to the value specified in web.xml.
4. the session can still be accessed by the client and stays accessible if not
explicitly invalidated by a call to session.invalidate().

Looking at the codebase I think the reason for this is the accessCount field in
StandardSession being in an inconsistent state after sessions have been reloaded
from file. The attached patch solves it for me.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org