[
https://issues.apache.org/jira/browse/SHIRO-399?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Les Hazlewood resolved SHIRO-399.
---------------------------------
Resolution: Fixed
Fix Version/s: 1.3.0
1.2.2
Bogdan - this was great. Thanks *very* much for the unit test!
Fixed in 1.2.2+ and trunk
> Memory leak for invalid sessions
> --------------------------------
>
> Key: SHIRO-399
> URL: https://issues.apache.org/jira/browse/SHIRO-399
> Project: Shiro
> Issue Type: Bug
> Affects Versions: 1.2.1
> Reporter: Bogdan Flueras
> Fix For: 1.2.2, 1.3.0
>
> Attachments: patch.txt
>
>
> Have a session and wait till gets invalidated via logout/expiration.
> In a SessionListener implementation for the session the client code can try
> to clean-up the session (what I originally did: session.removeAttributes()
> but doing so throws an InvalidSessionException because the session is already
> invalidated by the time it reaches the listener)
> This unexpected exception alters the normal flow, hence the code that should
> delete the session never gets executed, hence the invalidated session data
> hangs forever either in memory or other storage.
> This can be avoided with well behaved client code-which knows that it
> shouldn't try to clean an expired session, but it should be also handled on
> your side as well and to enclose some code in try/finally blocks.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
