bdemers commented on a change in pull request #186: [SHIRO-668] Catch
unexpected errors which can lead to oom
URL: https://github.com/apache/shiro/pull/186#discussion_r354887015
##########
File path:
core/src/main/java/org/apache/shiro/session/mgt/ExecutorServiceSessionValidationScheduler.java
##########
@@ -111,8 +111,17 @@ public void run() {
if (log.isDebugEnabled()) {
log.debug("Executing session validation...");
}
+ Thread.currentThread().setUncaughtExceptionHandler((t, e) -> {
+ log.error("Error while validating the session, the thread will be
stopped and session validation disabled", e);
+ this.disableSessionValidation();
Review comment:
This seems like a good idea, but I'm not 100% sure on this.
Are there any uncaught Throwables that could be recovered from? The JVM
doesn't stop, so the application _might_ continue to function just fine
That said, I'm assuming in these cases there is a very low percentage chance
of being able to recover, so failing seems like a good option. Part of me
wants to say we should allow the setting of the ExectorService's
`UncaughtExceptionHandler` (but default to your impl). But the other part of
me thinks my suggestion is likely over-engineering a situation you cannot
recover from anyway.
**NOTE:** take this with a grain of salt, as this is just a quick review
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
