Details
-
Type: Bug
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: 1.8.2a, 1.8.2-EE-GA_P02
-
Fix Version/s: 1.8.3, EE-1.8.2.GA_P03
-
Component/s: Framework
-
Labels:None
-
Environment:ICEfaces
Description
The TouchSessionFilter is designed to "touch" the session in a way such that the ICEfaces session monitoring code is notified that activity is taking place. The code in question:
...
try {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession();
if (session != null) {
...
currently creates a session if one doesn't already exist which can lead to confusion in the framework because the the new session will contain a new ice.session value which does not match the existing ice.session value that comes in with the request.
The mismatch will be logged as an error and the ICEfaces framework will assume that the session has expired.
...
try {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession();
if (session != null) {
...
currently creates a session if one doesn't already exist which can lead to confusion in the framework because the the new session will contain a new ice.session value which does not match the existing ice.session value that comes in with the request.
The mismatch will be logged as an error and the ICEfaces framework will assume that the session has expired.
Activity
Repository | Revision | Date | User | Message |
ICEsoft Public SVN Repository | #23868 | Tue Feb 01 10:34:26 MST 2011 | deryk.sinotte | |
Files Changed | ||||
MODIFY
/icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/TouchSessionFilter.java
|
Deryk Sinotte
created issue -
Deryk Sinotte
made changes -
Field | Original Value | New Value |
---|---|---|
Salesforce Case | [5007000000F4mQL] | |
Fix Version/s | 1.8.2-EE-GA_P03 [ 10251 ] | |
Fix Version/s | 1.8.3 [ 10211 ] | |
Assignee Priority | P1 | |
Description |
The TouchSessionFilter is designed to "touch" the session in a way such that the ICEfaces session monitoring code is notified that activity is taking place. The code in question currently will create a session if one doesn't already exist which can lead to confusion in the framework because the the new session will contain a new ice.session value which does not match the existing ice.session value that comes in with the request. The mismatch will be logged as an error and the ICEfaces framework will assume that the session has expired. |
The TouchSessionFilter is designed to "touch" the session in a way such that the ICEfaces session monitoring code is notified that activity is taking place. The code in question: ... try { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpSession session = request.getSession(); if (session != null) { ... currently creates a session if one doesn't already exist which can lead to confusion in the framework because the the new session will contain a new ice.session value which does not match the existing ice.session value that comes in with the request. The mismatch will be logged as an error and the ICEfaces framework will assume that the session has expired. |
Assignee | Deryk Sinotte [ deryk.sinotte ] |
Deryk Sinotte
made changes -
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Fixed [ 1 ] |
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |
Assignee Priority | P1 |
Changed the code to use the "false" parameter so that sessions are not created by the filter.
try {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession(false);
if (session != null) {