Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-21059

[GSS](7.3.z) WFLY-14526 - Distributable sessions cannot be invalidated via CLI

XMLWordPrintable

      The CLI call to invalidate a session does nothing if the app is distributable:

      /deployment=app.war/subsystem=undertow:invalidate-session(session-id=id)

      This CLI call ultimately results in an invalidate call to DistributableImmutableSession, which does nothing:

          public void invalidate(HttpServerExchange exchange) {
        // Do nothing
    }

      The CLI operation fetches the session from the manager by id:

                  Session session = sessionManager.getSession(sessionId);

      The DistributableSessionManager only allows an Immutable session to be returned here:

          public io.undertow.server.session.Session getSession(String sessionId) {
        // If requested id contains invalid characters, then session cannot exist and would otherwise cause session lookup to fail
        if (!IDENTIFIER_SERIALIZER.validate(sessionId)) {
            return null;
        }
        try (Batch batch = this.manager.getBatcher().createBatch()) {
            try {
                ImmutableSession session = this.manager.viewSession(sessionId);
                return (session != null) ? new DistributableImmutableSession(this, session) : null;

      The DistributableSessionManager only lets you get a session you can invalidate if you call getSession by the HttpServerExchange, which a CLI command can't do.

      So can the DistributableSessionManager be fixed and improved to allow invalidation on the session it hands out by the Id so the CLI command can function?

              pferraro@redhat.com Paul Ferraro
              pferraro@redhat.com Paul Ferraro
              Votes:
              1 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: