[ http://jira.magnolia.info/browse/MAGNOLIA-560?page=all ]

Grégory Joseph updated MAGNOLIA-560:
------------------------------------

    Fix Version/s:     (was: 3.5)

> Too eager caching in Path.getURI
> --------------------------------
>
>                 Key: MAGNOLIA-560
>                 URL: http://jira.magnolia.info/browse/MAGNOLIA-560
>             Project: Magnolia
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.1 Final
>            Reporter: Andreas Brenk
>         Assigned To: Sameer Charles
>   Original Estimate: 5 minutes
>  Remaining Estimate: 5 minutes
>
> I have wrapped Magnolia in Spring WebMVC ServletWrappingControllers. But the 
> problem is possible in other "pure web.xml" situations, too. In order to 
> extend a Magnolia based Website with some business logic for a custom search 
> form I intercept a special URL /searchForm, then forward using the 
> RequestDispatcher to a Magnolia handled /searchFormResult.html page. The 
> assigned template displays the search results it gets from a request 
> attribute.
> This worked perfectly well in the authoring environment but stopped working 
> in a public instance (as long as one didn't log in to the public's 
> adminCentral to be precise). The reason being SecurityFilter's isAllowed 
> method. If a session is authorized the method call returns before calling 
> SecureURI.isProtected(Path.getURI(req)) which caches the decoded URI in a 
> request attribute. Problem is: this results in caching "/searchForm" and not 
> "/searchFormResult.html", as the filter runs before the business logic 
> servlet and its call to the RequestDispatcher's forward() method.
> As the caching doesn't even result in a measurable performance improvement 
> (System.currentTimeInMillis() results in the same value before and after the 
> call to getDecodedURI()...) I suggest to always return getDecodedURI(req) and 
> drop the cache.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira



----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/docs/en/editor/stayupdated.html
----------------------------------------------------------------

Reply via email to