[magnolia-dev] [JIRA] Commented: (MAGNOLIA-547) Workaround for non-synchronized sessions and unnecessary invalidation of session removed

[Michael Aemisegger (JIRA)]

    [ http://jira.magnolia.info/browse/MAGNOLIA-547?page=comments#action_11300 
] 

Michael Aemisegger commented on MAGNOLIA-547:
---------------------------------------------

The reason for the invalidation most probably was due to the jackrabbit bug 
http://issues.apache.org/jira/browse/JCR-155 .

I guess, acquiring a new http session forced the workspace session to be built 
from scratch which circumvented above problems.

This bug is claimed to be fixed, however for some reason I still suffered the 
same problem. I'm not sure whether it was because the jackrabbit build 
retrieved by maven was not yet updated or the fix did not improve the 
situation. So I still need to remove some session attributes where the session 
invalidation took place:

    /*
     * This method is a workaround for jackrabbit bug
     * http://issues.apache.org/jira/browse/JCR-155
     * 
     * Better than to invalidate the session like in the original magnolia code.
     */

    private HierarchyManager refreshHierarchyManager( String repository ) {
        HierarchyManager hierarchyManager;

        this.getRequest().getSession().removeAttribute( "mgnlHMgr_" + 
repository + "_" + ContentRepository.DEFAULT_WORKSPACE );
        this.getRequest().getSession().removeAttribute( "mgnlAccessMgr_" + 
repository + "_default" );
        this.getRequest().getSession().removeAttribute( 
"mgnlRepositorySession_" + repository + "_default" );
        hierarchyManager = SessionAccessControl.getHierarchyManager( 
this.getRequest(), this.getRepository() );

        return hierarchyManager;
    }

Maybe with a truly new jackrabbit snapshot, this code will not be necessary 
anymore.

This issue should carefully be tested, e.g. with different users logging into 
the system and modifying content sequentially and concurrently.

> Workaround for non-synchronized sessions and unnecessary invalidation of 
> session removed
> ----------------------------------------------------------------------------------------
>
>          Key: MAGNOLIA-547
>          URL: http://jira.magnolia.info/browse/MAGNOLIA-547
>      Project: magnolia wcm
>         Type: Bug
>   Components: core
>     Versions: 2.1 Final
>  Environment: all
>     Reporter: Michael Aemisegger
>     Assignee: Fabrizio Giustina
>     Priority: Critical
>      Fix For: 2.1.1, 2.2 M1

>
> Original Estimate: 1 hour
>         Remaining: 1 hour
>
> ---------- History start ----------
> I hadtrouble with non synchronized hierarchy managers.
> I create a page and rename it to "parentPage". Then, I create another page as 
> a child of the first page and rename it to "childPage". That's when I run 
> into trouble:
> hm.getContent("/parentPage/untitled") does still return the old content, 
> which should not exist anymore.
> hm.getContent("/parentPage").getContent("/untitled") instead, throws a 
> PathNotFoundException as expected.
> hm.getContent("/parentPage/childPage") in turn also returns the newly renamed 
> content.
> The two return values have same id, session, startPage etc. I couldn't find 
> any difference.
> Also hm.save() or parentPage.save() didn't help, which is very strange, since 
> http://incubator.apache.org/jackrabbit/apidocs/org/apache/jackrabbit/core/package-summary.html#package_description
>  says that jackrabbit uses copy-on-write strategy. A save shouldn't be needed 
> at all according to 
> http://www.day.com/maven/jsr170/javadocs/jcr-0.16.4.1/javax/jcr/Workspace.html#move(java.lang.String,
>  java.lang.String)
> I tried to reproduce this error on the demo instance of magnolia. But 
> everything went well. Then I found the difference between my code and the 
> original code:
>    SessionAccessControl.invalidateUser(this.getRequest());
> in Tree.rename(). 
> ---------- History end ----------
> Further researching revealed
> http://issues.apache.org/jira/browse/JCR-155
> So, I finally changed the HierarchyManager to perform the move on the session 
> and then save it, rather than performing the move on the workspace itself.
> This allowed me to remove the malicious  
> SessionAccessControl.invalidateUser(this.getRequest()) calls in Tree.java. 
> It's not very pleasant to have the session invalidated just because you 
> perform CRUD operations on the repository. A quick test suggests that also 
> magnolia does not have problems anymore without these calls.
> patch for revision 1437 of tagged version /magnolia2.1
> Note that the patch for Tree.java might already have been applied partly :
> diff -uBbPr 
> originals/magnolia-2.1/src/main/info/magnolia/cms/core/HierarchyManager.java 
> patched/magnolia-2.1/src/main/info/magnolia/cms/core/HierarchyManager.java
> --- 
> originals/magnolia-2.1/src/main/info/magnolia/cms/core/HierarchyManager.java  
>       2005-08-31 11:29:25.000000000 +0200
> +++ 
> patched/magnolia-2.1/src/main/info/magnolia/cms/core/HierarchyManager.java  
> 2005-09-10 14:22:39.000000000 +0200
> @@ -476,7 +476,12 @@
>          AccessDeniedException {
>          Access.isGranted(this.accessManager, source, Permission.REMOVE);
>          Access.isGranted(this.accessManager, destination, Permission.WRITE);
> -        this.workSpace.move(source, destination);
> +        /*
> +         * maem: rather use session because of caching bug
> +         * see http://issues.apache.org/jira/browse/JCR-155
> +         */
> +        this.workSpace.getSession().move(source, destination);
> +        this.workSpace.getSession().save();
>      }
>      /**
> diff -uBbPr 
> originals/magnolia-2.1/src/main/info/magnolia/cms/gui/control/Tree.java 
> patchedForSendingPatches/magnolia-2.1/src/main/info/magnolia/cms/gui/control/Tree.java
> --- originals/magnolia-2.1/src/main/info/magnolia/cms/gui/control/Tree.java   
>   2005-08-31 11:29:16.000000000 +0200
> +++ 
> patchedForSendingPatches/magnolia-2.1/src/main/info/magnolia/cms/gui/control/Tree.java
>       2005-09-10 14:45:37.000000000 +0200
> @@ -785,7 +785,6 @@
>                  // copy
>                  hm.copyTo(source, destination);
>              }
> -            SessionAccessControl.invalidateUser(this.getRequest());
>              Content newContent = hm.getContent(destination);
>              try {
>                  newContent.updateMetaData(this.getRequest());
> @@ -860,7 +859,6 @@
>                      parent.orderBefore(newLabel, placedBefore);
>                  }
>              }
> -            SessionAccessControl.invalidateUser(this.getRequest());
>              Content newPage = hm.getContent(dest);
>              returnValue = newLabel;
>              newPage.updateMetaData(this.getRequest());
> @@ -1090,9 +1088,7 @@
>          html.append("</script>"); //$NON-NLS-1$
>          // contextmenu
> -        if (menu.getMenuItems().size() != 0) {
>              html.append(menu.getHtml());
> -        }
>          // register menu
>          html.append("<script>" + this.getJavascriptTree() + ".menu = " + 
> menu.getName() + "</script>"); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------