My project is using undertow 2.2.2.Final with Spring Boot 2.2.7.RELEASE

Sometimes, the session id key saved in the internal sessions map in InMemorySessionManager is different than the session id of the actual session. Thus, when the session is invalidated, it is not being properly removed from this internal map, causing "UT000010: Session is invalid" to occur forever, until the browser is completely closed or the JSESSIONID cookie is cleared.

The handling of sessions is done by Spring Boot and the only thing we have configured for the application is a SessionCreationPolicy of ALWAYS.

Since this isn't readily reproducible, I don't know if this is a concurrency/threading issue or something improperly configured on our end.

I know this isn't much, but here is a snapshot of the internal map when the issue occurs (in normal operation, the two circled ids are always equal):