Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2147

race condition between session invalidate and changeSessionId leads to UT000010

XMLWordPrintable

      A race condition across multiple requests invoking session invalidate and changeSessionId can result in an invalid session being left in the session map. That session is then leaked and won't ever expire and subsequent requests from the client fail with an error like below until they clear their cookie:

      17:35:56,213 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /sessiontest/hi.jsp: java.lang.IllegalStateException: UT000010: Session is invalid yXOeMfuedx29nxgqG59iU9g6OSjWA0Vvevw9xb3W
      	at io.undertow.core@2.2.18.SP2-redhat-00001//io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(InMemorySessionManager.java:548)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.util.SavedRequest.tryRestoreRequest(SavedRequest.java:155)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:74)
      	at io.undertow.core@2.2.18.SP2-redhat-00001//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
      	at io.undertow.core@2.2.18.SP2-redhat-00001//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
      	at io.undertow.core@2.2.18.SP2-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      	at org.wildfly.extension.undertow@7.4.6.GA-redhat-00002//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
      	at io.undertow.core@2.2.18.SP2-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      	at org.wildfly.extension.undertow@7.4.6.GA-redhat-00002//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
      	at io.undertow.core@2.2.18.SP2-redhat-00001//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:275)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
      	at io.undertow.servlet@2.2.18.SP2-redhat-00001//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
      

      Timing can play out like so to lead to this:
      1. Request A is received and starts session invalidate
      2. Request B is received and starts changeSessionId
      3. Request A progresses in its invalidate call and removes session from the sessions map
      4. Request B reaches createAndSaveNewID and sets the session back in the map
      5. Request A sets the session to invalid and returns a reponse clearing the cookie on the client
      6. Request B returns, setting the cookie back on the client
      7. Request C is sent with the now invalid cookie and hits an error

        1. UNDERTOW-2147.btm
          1 kB
          Aaron Ogburn
        2. undertow-2147.war
          0.9 kB
          Aaron Ogburn
        3. UNDERTOW-2147-2.btm
          0.2 kB
          Aaron Ogburn

              flaviarnn Flavia Rainone
              rhn-support-aogburn Aaron Ogburn
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: