DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13954>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13954 invalid session passed in HttpBindingEvent on valueUnbound Summary: invalid session passed in HttpBindingEvent on valueUnbound Product: Tomcat 4 Version: 4.0.4 Final Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] When a timeout occurs, the HttpSession passed into valueUnbound() via the HttpBindingEvent contains an already invalidated HttpSession. Since there is no lifecycle of an HttpSession defined in the servlet spec, I an guessing this is open to implementor's to decide. I would *expect* all listeners to have their valueUnbound() methods called before the session they were attached to is actually invalidated by the Web Container. A stacktrace below shows the timeline of events: -------------------------------------------------- (D)-255- | Thu Oct 24 14:36:52 MDT 2002 | OnlineMonitor | valueUnbound | 36838.1035489988143 | Entering java.lang.Exception: getAttribute: Session already invalidated at com.vergecorp.util.Log.error(Log.java:445) at net.ejip.monitor.online.OnlineMonitor.valueUnbound (OnlineMonitor.java:69) at org.apache.catalina.session.StandardSession.removeAttribute (StandardSession.java:1073) at org.apache.catalina.session.StandardSession.expire (StandardSession.java:596) at org.apache.catalina.session.StandardManager.processExpires (StandardManager.java:755) at org.apache.catalina.session.StandardManager.run (StandardManager.java:832) at java.lang.Thread.run(Thread.java:536) (E) | Thu Oct 24 14:36:52 MDT 2002 | OnlineMonitor | valueUnbound | 36838.1035489988143 | getAttribute: Session already invalidated >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> StandardSession.expire() code has the setValid(true) method called too early!!!! It should really be called after all of the valueUnbound() methods are called. For instance, right before the expiring=false is set near the bottom of the method. /** * Perform the internal processing required to invalidate this session, * without triggering an exception if the session has already expired. */ public void expire() { // Mark this session as "being expired" if needed if (expiring) return; expiring = true; setValid(false); // Remove this session from our manager's active sessions if (manager != null) manager.remove(this); // Unbind any objects associated with this session String keys[] = keys(); for (int i = 0; i < keys.length; i++) removeAttribute(keys[i]); // Notify interested session event listeners fireSessionEvent(Session.SESSION_DESTROYED_EVENT, null); // Notify interested application event listeners // FIXME - Assumes we call listeners in reverse order StandardContext context = (StandardContext) manager.getContainer(); Object listeners[] = context.getApplicationListeners(); if (listeners != null) { HttpSessionEvent event = new HttpSessionEvent(getSession()); for (int i = 0; i < listeners.length; i++) { int j = (listeners.length - 1) - i; if (!(listeners[j] instanceof HttpSessionListener)) continue; HttpSessionListener listener = (HttpSessionListener) listeners[j]; try { context.fireContainerEvent("beforeSessionDestroyed", listener); listener.sessionDestroyed(event); context.fireContainerEvent("afterSessionDestroyed", listener); } catch (Throwable t) { context.fireContainerEvent("afterSessionDestroyed", listener); // FIXME - should we do anything besides log these? log(sm.getString("standardSession.sessionEvent"), t); } } } // We have completed expire of this session expiring = false; if ((manager != null) && (manager instanceof ManagerBase)) { recycle(); } } -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
