Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 2.1.0.Final
    • Fix Version/s: None
    • Component/s: Core
    • Labels:
      None

      Description

      When handling large number of websocket requests, we discovered HttpSession crossover, i.e., more than 1 websocket connections may share the same HttpSession id. This issue is related to UNDERTOW-1733.

      We overwrite modfiyHandshake, in order to save HttpSession into SeverEndpointConfig (and hence Undertow Session).

       
      public class MyWebsocketConfigurator extends ServerEndpointConfig.Configurator implements Filter {
      
        @Override
        public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest   request, HandshakeResponse response) {
          HttpSession httpSession = (HttpSession) request.getHttpSession();
          config.getUserProperties().put("http.session", httpSession);
          System.out.println("http session id=" + httpSession.getId();
        }
      } 
      
      

      Then, in websocket onOpen()

      @ServerEndpoint(value = "/websocket/v0/{mac}", configurator = MyWebsocketConfigurator.class)
      public class MyWebSocketEndpoint 
      {
        @OnOpen
        public void onOpen(Session session, EndpointConfig config, final  @PathParam("mac") String mac) { 
          HttpSession httpSession = ((HttpSession)session.getUserProperties().get("http.session"));
          System.out.println("http session id = " + httpSession.getId();
        }
      }

      This is running fine for request under lower traffic. Once traffic picks up (perf testing), we start seeing different session id for above 2 println statements. 

      Is this a bug on session management? Your advice is highly appreciated!

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                flavia.rainone Flavia Rainone
                Reporter:
                alany07 Alan Yu
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: