GEODE-2889: Update the last access time of native sessions Our getSession method had some races where we were holding onto a reference to the native session, but not updating the last accessed time of the native session by calling into getSession of the container. This could allow the container to expire the session in the middle of our method.
This closes #494 Project: http://git-wip-us.apache.org/repos/asf/geode/repo Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/1d3e0d53 Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/1d3e0d53 Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/1d3e0d53 Branch: refs/heads/feature/GEODE-2900 Commit: 1d3e0d53f2182f9ca9c680bb8927e70f204ce89d Parents: 250c818 Author: Dan Smith <[email protected]> Authored: Wed May 3 15:49:57 2017 -0700 Committer: Dan Smith <[email protected]> Committed: Tue May 9 13:07:25 2017 -0700 ---------------------------------------------------------------------- .../modules/session/filter/SessionCachingFilter.java | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/geode/blob/1d3e0d53/extensions/geode-modules-session/src/main/java/org/apache/geode/modules/session/filter/SessionCachingFilter.java ---------------------------------------------------------------------- diff --git a/extensions/geode-modules-session/src/main/java/org/apache/geode/modules/session/filter/SessionCachingFilter.java b/extensions/geode-modules-session/src/main/java/org/apache/geode/modules/session/filter/SessionCachingFilter.java index 25e22bb..702415e 100644 --- a/extensions/geode-modules-session/src/main/java/org/apache/geode/modules/session/filter/SessionCachingFilter.java +++ b/extensions/geode-modules-session/src/main/java/org/apache/geode/modules/session/filter/SessionCachingFilter.java @@ -145,22 +145,10 @@ public class SessionCachingFilter implements Filter { */ @Override public HttpSession getSession(boolean create) { + super.getSession(false); if (session != null && session.isValid()) { session.setIsNew(false); session.updateAccessTime(); - /* - * This is a massively gross hack. Currently, there is no way to actually update the last - * accessed time for a session, so what we do here is once we're into X% of the session's - * TTL we grab a new session from the container. - * - * (inactive * 1000) * (pct / 100) ==> (inactive * 10 * pct) - */ - if (session.getLastAccessedTime() - - session.getCreationTime() > (session.getMaxInactiveInterval() * 10 - * percentInactiveTimeTriggerRebuild)) { - HttpSession nativeSession = super.getSession(); - session.failoverSession(nativeSession); - } return session; }
