CDV ❯ TC Session: does not create a new session after session.invliadate() has been called

• Type: Bug
• Status: Closed
• Priority: 2 Major
• Resolution: Won't Fix
• Component/s:
• Labels:

• Assignee:
• Reporter: alex
• Created: June 11, 2007
• Votes: 0
• Watchers: 0
• Updated:

  July 27, 2012
• Resolved:

  June 11, 2007

Description

This problem is reported by http://forums.terracotta.org/forums/posts/list/280.page

BUG DETAILS: App Code: session.invalidate(); request.getSession(true).getAttribute(“…”);

Container Behavior: Tomcat will create a new session as long as response has not been commited.

TC Session Behavior: TCS throws IllegalStateException exception on all session-related operation after session.invalidate() has been called.

FIX DETAILS: We will have to do the following:

• if response has been committed throw IllegalStateException
• else, correctly release the lock on the old session id
• generate a new session id and acquire a lock on it
• write new session cookie (if request hopped a server this might create 2 session id cookies, so the old one should be removed)
• proceed with the request and unlock the new session id at the end
• if request is forwarded more complications arise

Comments

Alex Voskoboynik 2007-06-11

Oops. wrong type of issue. it’s in CDV-291 instead