DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14283>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14283 StandardSession does not guard against Listener exceptions Summary: StandardSession does not guard against Listener exceptions Product: Tomcat 4 Version: 4.1.12 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] (This bug also exists in the Tomcat 4.0.x code base.) StandardSession should have try/catch(Throwable) blocks around calls to session listeners (defined in a webapp) in case the listener logic throws an exception/error during execution. Some listener calls are already guarded in StandardSession but the remaining ones are: public void passivate() { : : try { ((HttpSessionActivationListener) attribute).sessionWillPassivate(event); } catch (Throwable t) { ; // do nothing } The same try/catch block should also be wrapped around the following calls in StandardSession.java: Line 716: ((HttpSessionActivationListener)attribute).sessionDidActivate(event); Line 1143: ((HttpSessionBindingListener) value).valueUnbound(event); Line 1252: ((HttpSessionBindingListener) unbound).valueUnbound (new HttpSessionBindingEvent((HttpSession) this, name)); Line 1265: ((HttpSessionBindingListener) value).valueBound(event); -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>
