[ 
https://issues.apache.org/jira/browse/GEODE-2889?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15999167#comment-15999167
 ] 

ASF GitHub Bot commented on GEODE-2889:
---------------------------------------

GitHub user upthewaterspout opened a pull request:

    https://github.com/apache/geode/pull/494

    GEODE-2889: Update the last access time of native sessions

    Our getSession method had some races where we were holding onto a
    reference to the native session, but not updating the last accessed time
    of the native session by calling into getSession of the container. This
    could allow the container to expire the session in the middle of our
    method.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/upthewaterspout/incubator-geode 
feature/GEODE-2889

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/geode/pull/494.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #494
    
----
commit a9a79d54c782e13763f0c4a1b3bef4293804fb7e
Author: Dan Smith <upthewatersp...@apache.org>
Date:   2017-05-03T22:49:57Z

    GEODE-2889: Update the last access time of native sessions
    
    Our getSession method had some races where we were holding onto a
    reference to the native session, but not updating the last accessed time
    of the native session by calling into getSession of the container. This
    could allow the container to expire the session in the middle of our
    method.

----


> Generic session module should touch sessions rather than recreate the native 
> session
> ------------------------------------------------------------------------------------
>
>                 Key: GEODE-2889
>                 URL: https://issues.apache.org/jira/browse/GEODE-2889
>             Project: Geode
>          Issue Type: Bug
>          Components: http session
>            Reporter: Dan Smith
>
> The session module for generic application servers is doing some magic to try 
> to recreate native sessions if they have been idle for too long. This can 
> cause failures if the container expires a session concurrently, because the 
> expiration can happen after we have checked if the session is valid, but 
> before we can read the session creation time.
> {noformat}
> /*
>          * This is a massively gross hack. Currently, there is no way to 
> actually update the last
>          * accessed time for a session, so what we do here is once we're into 
> X% of the session's
>          * TTL we grab a new session from the container.
>          *
>          * (inactive * 1000) * (pct / 100) ==> (inactive * 10 * pct)
>          */
>         if (session.getLastAccessedTime()
>             - session.getCreationTime() > (session.getMaxInactiveInterval() * 
> 10
>                 * percentInactiveTimeTriggerRebuild)) {
>           HttpSession nativeSession = super.getSession();
>           session.failoverSession(nativeSession);
>         }
> {noformat}
> Instead of this, we should just call getSession on the container and have it 
> update the last accessed time of the native session.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to