You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "J.W. Janssen (JIRA)" <ji...@apache.org> on 2016/01/28 10:42:39 UTC
[jira] [Created] (FELIX-5175) Sessions are incorrectly destroyed
J.W. Janssen created FELIX-5175:
-----------------------------------
Summary: Sessions are incorrectly destroyed
Key: FELIX-5175
URL: https://issues.apache.org/jira/browse/FELIX-5175
Project: Felix
Issue Type: Bug
Components: HTTP Service
Affects Versions: http.base-3.0.6
Reporter: J.W. Janssen
Assignee: J.W. Janssen
Fix For: http.base-3.0.8
HttpSessionWrapper contains a static member, getExpiredSessionContextIds, that determines which sessions should be destroyed based on the timeouts that are set on each session.
The implementation incorrectly assumes these timeouts are in milliseconds, while the timeouts are actually set in seconds (see JavaDoc of HttpSession). This means that a timeout of 300 (5 minutes) is interpreted as 300 milliseconds, resulting in sessions being destroyed too soon.
(Found through ACE-528)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)