aledsage commented on a change in pull request #1096:
URL: https://github.com/apache/brooklyn-server/pull/1096#discussion_r420769989
##########
File path:
rest/rest-resources/src/main/java/org/apache/brooklyn/rest/util/MultiSessionAttributeAdapter.java
##########
@@ -217,7 +219,11 @@ private void invalidateAllSession(HttpSession
preferredSession, HttpSession loca
private HttpSession findValidPreferredSession(HttpSession
localSession, HttpServletRequest optionalRequest) {
if (localSession instanceof Session) {
SessionHandler preferredHandler =
getPreferredJettyHandler((Session)localSession, true, true);
- HttpSession preferredSession = preferredHandler==null ? null :
preferredHandler.getHttpSession(localSession.getId());
+
+ SessionIdManager idManager =
((DefaultSessionIdManager)preferredHandler.getSessionIdManager());
Review comment:
I see this code is mostly a copy of the impl of
`sessionHandler.getHttpSession(String)`, which is now protected in jetty 9.4.22.
But your code does not call `session.setIdChanged(true)`, which that method
does when the id doesn't match. I've no idea what the implications are of that
difference!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
