Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-19474

[GSS](7.3.z) UNDERTOW-1419 - bumpTimeout method usage in InMemorySessionManager

    XMLWordPrintable

Details

    Description

      Possible bug as mentioned in https://developer.jboss.org/thread/278634. As mentioned in the thread, use of bumpTimeout may cause a session that may never expire.

      From jstourac@redhat.com:

      The list of methods where 'bumpTimeout' is actually used in InMemorySessionManager to following: createSession(), setMaxInactiveInterval(), getAttribute(), getAttributeNames(), setAttribute(), removeAttribute(). From this list usage in following methods is suspicious: getAttribute(), getAttributeNames(), setAttribute(), removeAttribute().

      All occurrences were added by this commit with initial session timeout implementation.

      The truth is the Servlet 4.0, section 7.5 specification (Servlet 3.1 is almost identical) specifies that timeout depends on user activity only:

      "This means that the only mechanism that can be used to indicate when a client is no longer active is a time out period."

      Response from stuartdouglas_jira from mail:

      We could probably change that to just update the timeout in requestDone().

      Attachments

        Issue Links

          causes

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-20708 [GSS](7.3.z) In progress request can run into session timeout

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          incorporates

          Bug - A problem that impairs or prevents the functions of the product. UNDERTOW-1419 bumpTimeout method usage in InMemorySessionManager

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-19475 [GSS](7.2.z) UNDERTOW-1419 - bumpTimeout method usage in InMemorySessionManager

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is incorporated by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-19475 [GSS](7.2.z) UNDERTOW-1419 - bumpTimeout method usage in InMemorySessionManager

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              rhn-support-ivassile Ilia Vassilev
              rhn-support-aogburn Aaron Ogburn
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: