You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by bu...@apache.org on 2001/10/24 05:22:16 UTC

DO NOT REPLY [Bug 4385] New: - ClassicPipeline removes Attribute from invalidated session

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4385>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4385

ClassicPipeline removes Attribute from invalidated session

           Summary: ClassicPipeline removes Attribute from invalidated
                    session
           Product: Turbine
           Version: 3.0
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Source
        AssignedTo: turbine-dev@jakarta.apache.org
        ReportedBy: edkoffler@fedex.com


ClassicPipeline.finished() removes the AccessControlList.SESSION_KEY. 

However, a '/action/Logout' had been called which calls HttpSession.invalidate
(). According to the specification (for 2.2 and 2.3) 
HttpSession.removeAttribute should throw an IllegalStateException on an 
invalidated HttpSession.

I modified the code (patch below), and the code works well.

The web server I am using, not that it matters, is Jetty (version 3.1.2).

Thanks.

Index: ClassicPipeline.java
===================================================================
RCS file: /home/cvspublic/jakarta-turbine-
3/src/java/org/apache/turbine/pipeline/ClassicPipeline.java,v
retrieving revision 1.3
diff -u -r1.3 ClassicPipeline.java
--- ClassicPipeline.java	2001/09/01 16:58:11	1.3
+++ ClassicPipeline.java	2001/10/24 03:01:51
@@ -364,8 +364,16 @@
         // the session.
         if ( data.getACL() == null )
         {
-            data.getSession().removeValue(
-                AccessControlList.SESSION_KEY);
+            try
+            {
+                data.getSession().removeValue(
+                    AccessControlList.SESSION_KEY);
+            }
+            catch (IllegalStateException invalidatedSession)
+            {
+                // Web was used to shut us down. Trying to clean up
+                // our stuff, but it's already been done for us.
+            }
         }
     }
 }

---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org