You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/02/26 23:40:59 UTC
DO NOT REPLY [Bug 27273] New: -
HttpSessionListener receives sessionDestroyed() event twice per timed-out HTTP session
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27273>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27273
HttpSessionListener receives sessionDestroyed() event twice per timed-out HTTP session
Summary: HttpSessionListener receives sessionDestroyed() event
twice per timed-out HTTP session
Product: Tomcat 5
Version: 5.0.16
Platform: All
OS/Version: Windows XP
Status: NEW
Severity: Major
Priority: Other
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: alex_verk@mail.ru
Register a listener of type HttpSessionListener in web.xml. Make it log calls
to sessionCreated() and sessionDestroyed(). Invoke a servlet to create new HTP
session. Within the servlet code set session timeout to something like 5
seconds. Close client app. Slowly count to 5. See the listener's log.
Expected: one call to sessionCreated() and one to sessionDestroyed().\
Actual: one call to sessionCreated(), as expected, then two calls to
sessionDestroyed(). In both calls to sessionDestroyed() event.getSession()
returns reference to the same session object.
Reason:
HttpSessionListener receives sessionDestroyed() event twice.
Here is a quote from org.apache.catalina.session.StandardManager:
public void processExpires() {
long timeNow = System.currentTimeMillis();
Session sessions[] = findSessions();
for (int i = 0; i < sessions.length; i++) {
StandardSession session = (StandardSession) sessions[i];
if (!session.isValid()) {
try {
expiredSessions++;
session.expire();
} catch (Throwable t) {
log.error(sm.getString
("standardManager.expireException"), t);
}
}
}
long timeEnd = System.currentTimeMillis();
processingTime += ( timeEnd - timeNow );
}
The problem, apparently is that session.expire() method is invoked not only
direct from the above quoted method (StandardManager,java:815), but also
session.isValid() method.
I am not familiar with Tomcat codebase to try and suggest a fix, but a method
called "isValid" doing something other than assessing and reporting the session
state to its caller seems strange.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org