Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 2.0.0.Beta1, 1.4.7.Final
Affects Version/s: None
Component/s: None
Labels:
None

Steps to Reproduce:
Hide

Deploy attached war

Go to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-creation to create a session

Navigate to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-check - It has a 5 seconds sleep. Before the sleep finishes...

Open http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-invalidation in another tab in order to destroy the session.

HttpServletRequest#isRequestedSessionIdValid() on the first tab will return true, but the session is no longer valid, and trying to read its attributes results in an error.

Then, go again to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-creation
After that, go to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-check-async
That page invalidates the session from another thread (run from a ManagedExecutorService). It works as expected in that case.
Show
Deploy attached war Go to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-creation to create a session Navigate to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-check - It has a 5 seconds sleep. Before the sleep finishes... Open http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-invalidation in another tab in order to destroy the session. HttpServletRequest#isRequestedSessionIdValid() on the first tab will return true, but the session is no longer valid, and trying to read its attributes results in an error. Then, go again to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-creation After that, go to http://localhost:8080/session-invalidation-1.0-SNAPSHOT/session-check-async That page invalidates the session from another thread (run from a ManagedExecutorService). It works as expected in that case.

When a request is being processed, and another concurrent request invalidates the session, invalidation is not reflected in the first request, i.e.: calling HttpServletRequest#isRequestedSessionIdValid() returns true. But trying to get any request attribute shows that the request is effectively destroyed. The same happens when the session expires after initiating the request.

Related to ~~WFLY-7568~~ and probably also to ~~WFLY-6744~~

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

session-invalidation-1.0-SNAPSHOT.war
6 kB
2016/11/22 4:06 PM
session-invalidation-src.zip
4 kB
2016/11/22 4:07 PM

causes

WFLY-7568 Sporadic UT000010: Session is invalid

Closed

is related to

WFLY-6744 Problem logout in cluster, not destroyed session (javax.faces.FacesException: UT000010: Session not found)

Closed

Assignee:: Stuart Douglas (Inactive)

Reporter:: Guillermo González de Agüero (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2016/11/22 4:14 PM

Updated:: 2020/09/30 10:23 AM

Resolved:: 2016/11/23 4:12 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates