kief 01/02/13 00:58:54
Modified: src/share/org/apache/tomcat/session Tag: tomcat_32
StandardSessionInterceptor.java
Log:
Repaired the if clause which checks whether a session has been found
from the session manager. The code was calling request.setSession(sess) even when
the value
of sess was null. This only seemed to have cropped up during forwarding, and then
only when the request included an invalid session ID: the first servlet in the
chain would create a session, then when the forwarded servlet requested the
session this little bug wiped out the first session.
This was reported as bug 504 in Bugzilla.
I also standardized indentation in this area of the code, since it contributed to
making
the bug a bitch to track down!
Revision Changes Path
No revision
No revision
1.5.2.4 +15 -13
jakarta-tomcat/src/share/org/apache/tomcat/session/Attic/StandardSessionInterceptor.java
Index: StandardSessionInterceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/session/Attic/StandardSessionInterceptor.java,v
retrieving revision 1.5.2.3
retrieving revision 1.5.2.4
diff -u -r1.5.2.3 -r1.5.2.4
--- StandardSessionInterceptor.java 2000/11/18 01:33:59 1.5.2.3
+++ StandardSessionInterceptor.java 2001/02/13 08:58:54 1.5.2.4
@@ -123,19 +123,21 @@
log( "Configuration error in StandardSessionInterceptor - no context " +
request );
}
- // Added by Hans:
- // First check if we have a valid session ID from the URL, set by the
SessionInterceptor,
- // and if so, set it as the request session. If we have also received a valid
session ID
- // as a cookie, the next section of code will reset the session to the one
matching the
- // ID found in the cookie.
- String requestedSessionID = request.getRequestedSessionId();
- if (requestedSessionID != null) {
- if (debug > 0) log("Found URL session ID: " + requestedSessionID);
- sess = sM.findSession(requestedSessionID);
- if (sess != null)
- if (debug > 0) log("The URL session ID is valid");
- request.setSession(sess);
- }
+ // Added by Hans:
+ // First check if we have a valid session ID from the URL, set by the
SessionInterceptor,
+ // and if so, set it as the request session. If we have also received a valid
session ID
+ // as a cookie, the next section of code will reset the session to the one
matching the
+ // ID found in the cookie.
+ String requestedSessionID = request.getRequestedSessionId();
+ if (requestedSessionID != null) {
+ if (debug > 0)
+ log("Found URL session ID: " + requestedSessionID);
+ sess = sM.findSession(requestedSessionID);
+ if (sess != null) {
+ if (debug > 0) log("The URL session ID is valid");
+ request.setSession(sess);
+ }
+ }
// PF, loop across all cookies named JSESSIONID checking to see if any of them
are valid.
// There should in most cases be a maximum of 2, and normally there will only
be one. The
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
